Valid on z/OS, z/VSE, and z/VM.
Use DSNAME to secures data sets. You can identify each data set separately or in groups of like‑named data sets (using generic prefixing and masking techniques).
When used with TSS ADDTO/REMOVE, this resource class has the following format:
TSS ADDTO(acid) DSNAME(oper,...)
Two to twenty‑six characters
One to five data set names or prefixes per TSS command
Generic prefixing allows the administrator to group a set of similar data sets together, and define them by one generic prefix.
When used with TSS PERMIT/REVOKE, this resource class has the following format:
TSS PERMIT(acid) DSNAME(prefix(es))
ACCESS(access levels)
Two to forty‑four characters
One to five data sets names, prefixes, or masks per TSS command
Note: A fully qualified data set name is PERMITted to an ACID by enclosing in single quotation marks. This will indicate that it is defined to CA Top Secret, not as a prefix, but by its fully qualified name.
Data set masking is another method of reducing the number of data set definitions to implement widespread data set protection.
DSNAME is used with:
The administrator can:
This example gives the Inventory Department (INVDEPT) ownership of a data set known as UNSOLD.INV.MASTER.FILE:
TSS ADDTO(INVDEPT) DSNAME('UNSOLD.INV.MASTER.FILE')
This example removes ownership:
TSS REMOVE(INVDEPT) DSNAME('UNSOLD.INV.MASTER.FILE')
This example has USER01 access any data set prefixed by SFT:
TSS PERMIT(USER01) DSNAME(SFT.)
This eliminates the need to permit access to 'SFT.IMS.PROD' and 'SFT.IMS.SCEDS'.
This example revokes USER01's access to all data sets beginning with the prefix SFT:
TSS REVOKE(USER01) DSNAME(SFT.)
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|