CA Top Secret allows online users to submit batch jobs that run under an ACID other than the ACID of the online user (a secondary ACID). The user’s ability to submit jobs that run under secondary ACIDs is the key to effective security for production scheduling. You do not have to allow the production scheduling area to access all production resources at the required access levels. Permit the schedulers to submit batch jobs for the ACIDs you have defined for each production job. If you have specified a password for each ACID, you will have the protection of a password and will not have to divulge the passwords to the schedulers.
This strategy can be applied to automated scheduling software. You can permit the ACID under which the automated scheduler runs to use the ACIDs defined for your production processing. This lets you control what the automated scheduler can submit.
Important! Do not use the attribute NOSUBCHK to give the schedulers (live or automated) the ability to submit production processing. This attribute allows them to submit under any ACID–including critical systems ACIDs and emergency ACIDs. You will also not be able to audit the schedulers’ ACIDs to track the production submitted by each scheduler.
|
Copyright © 2013 CA Technologies.
All rights reserved.
|
|