Use the CA Top Secret ADABAS interface to supplement the security controls provided by the basic ADABAS system to protect ADABAS databases and files. CA Top Secret does not eliminate or supersede any of the controls and logical relationships provided by the ADABAS data dictionary.
This interface introduces the resource DATABASE. DATABASE is an owned resource, with WHOHAS and WHOOWNS support, scope checking, and all the administration controls implied for an ownable resource.
The syntax for ADDing and PERMITting DATABASE databases and files is:
TSS ADDTO(acid) DATABASE(DdddFfff) TSS PERMIT(acid) DATABASE(DdddFfff) options...
The database number from 1 through 255.
The file number from 1 through 255.
Two access levels are available for ADABAS files:
Read‑only access can be performed on the database/file combination.
Read, write, or update operations can be performed on the database/file combination.
For example, to protect file number 105 (contained within the ADABAS database number 3) from unauthorized access, the administrator assigns ownership to the Payroll Department, enter:
TSS ADDTO(PAYROLL) DATABASE(D003F105)
To then allow all users associated with the payroll profile, PAYPROF, to update this file, enter:
TSS PERMIT(PAYPROF) DATABASE(D003F105) ACCESS(UPDATE)
There are certain ADABAS commands that can only be used by ADABAS utilities. These commands are protected by the OTRAN resource. These two character commands are: A9, SP, L7, L8, LA, LB, LC, and LD.
To protect all of these commands, use this TSS command function:
TSS ADDTO(DEPT01) OTRAN(ADABAS)
To permit use of any of these commands, enter:
TSS PERMIT(USER01) OTRAN(ADABASxx)
Represents any of the two character commands listed above.
|
Copyright © 2013 CA Technologies.
All rights reserved.
|
|