Previous Topic: CA 7Next Topic: Implementing Security for Non-CA Products

Implementing Security for Other CA ProductsImplement Security for CA Datacom

Implement Security for CA Datacom

CA Datacom provides external security for all product resources, functions, and accessors. In addition to these instructions, the CA Top Secret security administrator must also create a facility, a region control ACID, and a started task definition for each CA Datacom Multi‑User Facility (MUF).

To create each CA Datacom MUF facility, enter the following commands:

TSS MODIFY(FACILITY(USERnn=NAME=PRODMUFx)

TSS MODIFY(FACILITY(PRODMUFx=MULTIUSER,PGM=***,NORES,SIGN(M),AUTHINIT)

TSS MODIFY(FACILITY(PRODMUFx=SHRPRF,NOABEND)

To create a region control ACID and add the started task to the STC table, enter the following commands:

TSS CREATE(MUFxACID) NAME('PRODMUFx CNTL ACID') TYPE(USER)
                     DEPARTMENT(dept)
                     FACILITY(STC,BATCH)
                     MASTFAC(PRODMUFx)
                     PASSWORD(NOPW,0)

TSS ADDTO(STC) PROCNAME(MUFxSTC)
               ACID(MUFxACID)

To allow a user to access the CA Datacom MUF, enter the following command:

TSS  ADDTO(USER)  FACILITY(PRODMUFx)

CA Datacom products share the following CA Datacom resources, which are protected by CA Top Secret. Also included in this list is a brief description of what security they provide.

Note: For complete information about resources and using external security for CA Datacom, see the CA Datacom Security Reference Guide

DTSYSTEM(cxxname.product)

Secures system product combinations. A system includes all of the databases and tables defined in the CA Datacom directories (Cxx). The product is identified by a two‑character product code:

DB

CA Datacom/DB

DD

CA Dataquery CA Datacom Datadictionary

DQ

CA Dataquery

DTADMIN(cxxname.product)

Secures product administrator authority. A user who has access to the DTADMIN(cxxname.DB) is considered a Global Owner and can create a schema for SQL, issue GRANT or REVOKE for any SQL controlled tables, and drop any table.

DTTABLE(cxxname.DB00nnn.table)

Determines which users can access CA Datacom/DB tables. The resource is made up of the Cxx name, followed by the database and table name.

DTUTIL(cxxname.DBUTLTY.function.subfunction)

Protects the desired CA Datacom DBUTLTY utility functions and serves as an alternative method for console operators to secure unprotected CA Datacom console commands.

DTUTIL(cxxname.DB0nnnn.table.right)

Protects CA Datacom DBUTLTY utility functions that include table access.

DTUTIL(cxxname.DQutility.function)

Protects processes in CA Dataquery.

DTUTIL(cxxname.DD0nnnn.DDutility.function)

Protects processes and utilities in CA Datacom Datadictionary.

DTUTIL(cxxname.DD00nnn.table.status.function)

Protects entity-level security in CA Datacom Datadictionary.