VTAM passes security information to CA Top Secret at system entry. Using SAF calls, VTAM provides CA Top Secret with the identification and authentication information it needs to return an access decision to VTAM.
The following is supported when MLS is active on a CA Top Secret system:
The following restrictions apply when MLS is active on a CA Top Secret system:
This checklist describes the software configuration requirements when MLS is active on a CA Top Secret system.
| Requirement | Complete |
|---|---|
| Define an acid for the NET started task | □ |
| Define access rules for the NET started task | □ |
| Define resource rules for VTAM devices | □ |
| Control access of applications | □ |
| Train users in trusted path logon sequences | □ |
A security administrator should define an acid for the NET started task. This acid must have the STC attribute. No other attributes need be specified.
When the NET started task starts up, and when VTAM resources are activated, VTAM reads initialization parameters from the data sets allocated to the VTAMLST ddname in the NET procedure (generally SYS1.VTAMLST). VTAM also fetches modules from the libraries allocated to the VTAMLIB ddname (generally SYS1.VTAMLIB). VTAM must be granted read access to these data sets.
The following access rule grants NET read access to SYS1.VTAMLIB and SYS1.VTAMLST:
```
TSS PER(net) DSN(sys1.vtamlib) ACCESS(read)
TSS PER(net) DSN(sys1.vtamlst) ACCESS(read)
```
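The checklist steps above, written out as the command sequence an administrator would enter. This is an added example, not part of the original page: the department acid DEPTSYS, the NAME text, the PASSWORD(NOPW,0) and SOURCE(INTRDR) operands, the STC record update and the LIST/WHOHAS checks are assumptions based on general CA Top Secret command syntax and should be verified against the command reference for the installed release; only the two read permits for SYS1.VTAMLIB and SYS1.VTAMLST come from the page. Step 3 (resource rules for VTAM devices) is not detailed on this page and is left out. Lines beginning with an asterisk are annotations, not commands.

```tso
* Step 1: define the acid for the NET started task.
* DEPTSYS, the NAME text, PASSWORD(NOPW,0) and SOURCE(INTRDR) are assumed values.
TSS CREATE(NET) TYPE(USER) NAME('VTAM STARTED TASK') DEPARTMENT(DEPTSYS) PASSWORD(NOPW,0) SOURCE(INTRDR)

* Give the acid the STC attribute by tying it to the NET procedure in the STC record (assumed syntax).
TSS ADDTO(STC) PROCNAME(NET) ACID(NET)

* Step 2: access rules. Read-only access to the VTAM definition and load libraries (from the page).
TSS PERMIT(NET) DSNAME(SYS1.VTAMLIB) ACCESS(READ)
TSS PERMIT(NET) DSNAME(SYS1.VTAMLST) ACCESS(READ)

* Step 4: in an MLS configuration no VTAMAPPL permit is written. The class stays active and
* CA Top Secret denies non-APF-authorized programs by default, so nothing is added here.

* Checks: confirm the acid, its STC association and the data set permits before starting NET.
TSS LIST(NET) DATA(ALL)
TSS LIST(STC)
TSS WHOHAS DSNAME(SYS1.VTAMLST)
```

The permits are deliberately READ only: VTAM needs to fetch modules and read definitions, and granting UPDATE to a started-task acid would let a compromised or misconfigured task alter the network definition it runs from.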
Application programs request permission to open VTAM access method control blocks (ACBs) in order to access VTAM resources and facilities. VTAM makes a SAF call to CA Top Secret to verify that the application can open an ACB. The security administrator usually identifies those applications to CA Top Secret in a resource rule for the VTAMAPPL resource class. In an MLS system, however, the VTAMAPPL class should still be active, but non-APF-authorized programs cannot access VTAM resources.
The security administrator does not have to write a resource rule because CA Top Secret prevents access by default.
CA Top Secret provides trusted path support for users logging on to VTAM terminals. Trusted path is an important defense against password grabbers (programs that simulate logon prompts while collecting the passwords of unsuspecting users). It is optional, but recommended in an MLS system configuration. For trusted path protection to be effective, people must invoke the trusted path every time they sign on. New users must be trained in use of the trusted path logon sequences.
Copyright © 2010 CA Technologies. All rights reserved.