Control Option Requirements › Setting Security Modes

Setting Security Modes

One of the key issues that a security administrator must resolve during the implementation of CA Top Secret is the selection of a security mode for CICS. CA Top Secret security for CICS can be implemented in such a manner that existing CICS security or CA Top Secret security is in effect.

Modes of Operation

Four modes of operation are supported for a CICS environment; DORMANT, WARN, IMPLEMENT, and FAIL. Modes are assigned at five different levels:

Global

The default for the entire CA Top Secret community. For example:

MODE(WARN)

Facility

Affects a particular facility within the community. For example:

FACILITY(CICS=MODE=IMPL)

Profile

Affects a particular group of users attached to the profile. For example:

TSS PERMIT(PROF01) MODE(IMPL)

User

Affects a particular user within the community.

TSS PERMIT(USER01) MODE(FAIL)

Resource

Forces a particular resource authorization to be processed in FAIL mode. For example:

TSS PERMIT(USER01) TERMINAL(L048T29)
                   ACTION(FAIL)

Note: The global level is implemented via the MODE control option, or on a facility level via the MODE= suboption of the FACILITY control option. The profile, user and resource levels are implemented via the PERMIT function of the TSS command.

Modes for Defined Users and Resources

How modes for users and resources defined to CA Top Secret are administered:

DORMANT

No security checking is performed.

WARN

If the user is permitted access, security checking is performed by CA Top Secret only. If the user is not permitted access to the resource, a warning message is issued to the user.

IMPLEMENT

Security checking is performed by CA Top Secret.

FAIL

Security checking is performed by CA Top Secret.

Also note that:

• If ACTION(FAIL) is added to the resource, the mode specified for the user is overridden. This means that any unauthorized access to the specified resource is failed, and authorized access is allowed, regardless of the mode specified for the user. See the User Guide for details about the ACTION attribute.
• If an unauthorized access occurs and the DRC indicates the NOVIOL suboption, the security violation is treated as any event, and authorized access overrides CICS security key checking regardless of the mode specified for the user. The violation is flagged, but the user is not failed.
• If the EXIT(ON) control option is specified, the CA Top Secret Installation Exit is activated. Security check return can be altered by this option.
• The USERID on a JOBCARD submitted by a CICS user must be permitted to both the user submitting the job and the region ACID. These cross‑authorizations are checked in FAIL mode regardless of the user mode.

Modes for Defined Users and Undefined Resources

How modes for users defined to CA Top Secret and resources not defined to CA Top Secret are administered:

DORMANT

No security checking is performed.

WARN

No security checking is performed. If default protection is specified, a warning message is issued to the user.

IMPLEMENT

No security checking is performed. If default protection is specified, security checking is performed by CA Top Secret only. The user fails because the resource is undefined and therefore, not authorized for access.

FAIL

If default protection is specified, security checking is performed by CA Top Secret only. The user fails because the resource is undefined and, therefore, not authorized for access.

In addition to the information contained in the previous table, also note that:

• If ACTION(FAIL) is added to the resource, then the mode specified for the user is overridden. This means that any unauthorized access to the specified resource is failed and authorized access is allowed, regardless of the mode specified for the user. See the User Guide for details about the ACTION attribute.
• If an unauthorized access occurs and the DRC indicates the NOVIOL suboption, the security violation is treated as any event, regardless of the mode specified for the user. The violation is flagged, but the user is not failed.
• If the EXIT(ON) control option is specified, the CA Top Secret Installation Exit is activated. Security check return can be altered by this option.

Modes for LCF Checking

The product provides modes of operation for protection of transactions through the Limited Command Facility (LCF). Inclusive LCF lists are defined by the CA Top Secret TRANS function parameter. Exclusive LCF lists are defined by the CA Top Secret XTRANS function parameter.

Note: Transactions that are defined as OTRAN transactions override LCF transactions and are protected by the modes for defined users and resources or modes for defined users and undefined resources. For a complete explanation of LCF protection, see the CA Top Secret User Guide.

The product protects LCF lists as follows:

• For inclusive LCF lists, the following modes are administered:

  DORMANT mode

  Provides no security.

  WARN, IMPLEMENT, or FAIL mode

  Performs security checking if the user has a TRANS LCF list for the facility, and the transaction ID that is accessed is found in that list.

• For exclusive LCF lists, the following modes are administered:

  DORMANT mode

  Provides no security.

  WARN mode

  Performs security checking if the user specifies an XTRANS LCF list, and the transaction that is accessed is not found in the list for the facility.

  IMPLEMENT or FAIL mode

  Fails the user if the user is defined to CA Top Secret and the transaction that is accessed is found in the XTRANS LCF list.

Example: Assign an Inclusive List to a User

This example gives a user an inclusive list (a list of transactions that the user is allowed to use) for facility CICSPROD:

TSS ADDTO(acid) TRANSACTIONS(CICSPROD,(PAYT,MAIL,PAYP))

Example: Assign an Exclusive List to a User

This example gives a user an exclusive list (a list of transactions that the user is not allowed to use) for facility CICSPROD:

TSS ADDTO(acid) XTRANS(CICSPROD,(PAYT,MAIL,PAYP))

Note: When the NOXDEF suboption is specified on the facility for users defined to CA Top Secret without TRANS or XTRANS lists defined, security checking is performed by CICS only in DORM and WARN modes. Access to the requested transaction is allowed in IMPLEMENT and FAIL modes only.

When the XDEF suboption is specified on the facility for users defined to CA Top Secret without TRANS or XTRANS lists defined, security checking is performed by CICS only in DORM and WARN modes. Access to the requested transaction is allowed. In IMPLEMENT and FAIL modes, CA Top Secret performs security checking, and access to the transaction is denied.