Valid on z/OS.
Use XCSFKEY to secure the exportation of z/OS Integrated Cryptographic Service Facility (ICSF) cryptographic keys. For information on setting the keys, see IBM's OS/390 Integrated Cryptographic Service Facility: Administration Guide.
When used with TSS ADDTO/REMOVE, this resource class has the following format:
TSS ADDTO(acid) XCSFKEY(XCSFKEY1)
1–26 characters
1–5 prefixes per TSS command.
When used with TSS PERMIT/REVOKE, this resource class has the following format:
TSS PERMIT(acid) XCSFKEY(XCSFKEY1)
1–246 characters.
This resource class is used with:
The administrator can use any of the following methods to control access to CSFKEYS resources: Expiration, Facility, Program Pathing, Time/Day, and Actions.
This example protects the resource with CA Top Secret by assigning ownership to the Corporate Department(owning acid):
TSS ADDTO(CORPORAT) XCSFKEY(XCSFKEY1)
The administration may now PERMIT access to users or profiles that require access.
This example removes ownership:
TSS REMOVE(CORPORAT) XCSFKEY(XCSFKEY1)
This example permits users to access XCSFKEY(XCSFKEY1) on Fridays only:
TSS PERMIT(TECHUSER) XCSFKEY(XCSFKEY1) DAYS(FRIDAY)
This example permits users in the Technical Services Department to access XCSFKEY1:
TSS PERMIT(TECHPROF) XCSFKEY(XCSFKEY1)
This example revokes access :
TSS REVOKE(TECHUSER) XCSFKEY(XCSFKEY1)
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|