Implementing Security › Administering Terminal Security › Terminal Locking Security
Terminal Locking Security
CA Top Secret provides TSS commands and a control option that allows the security administrator and individual users to control when inactive or unattended terminals are locked. The standard locktime procedure is:
- When you signon to a terminal, CA Top Secret begins to monitor LOCKTIME thresholds. If you do not signon and are assigned to the SIT DFLTUSER, no LOCKTIME monitoring will occur.
- When the LOCKTIME threshold is expired, at the next action key (Enter, Clear, PF key, and so on) the terminal screen is cleared and you are prompted for your password.
- You can enter your password, CESF, or press the Clear key.
- Use the LTLOGOFF FACILITY suboption to further enhance LOCKTIME processing. When you set LTLOGOFF=YES, if the LOCKTIME expires again before your enter your password, the terminal is signed off security and logged off.
- Use LTLOGOFF=SIGNOFF to sign off the terminal's user without disconnecting the terminal from CICS.
Use these methods to control terminal lock time:
- Use the LTIME parameter with the TSS ADD command to allow the security administrator to set terminal lock times for individual users.
- The TSS LOCK/UNLOCK commands allow users to lock and unlock their terminals.
- The LOCKTIME suboption of the FACILITY control option allows CA Top Secret security administrators to set lock times for all terminals connected to a specific facility.
LOCKTIME processing occurs only on the CICS region where the user is physically signed on. For example, in an MRO environment, AOR processing is not affected. Terminals and ACIDs can be exempted from LOCKTIME processing by placing them in the LOCKTIME Bypass List.
Copyright © 2014 CA Technologies.
All rights reserved.
|
|