For your security hierarchy, the security administrator is responsible for the scope of authority. CA Top Secret provides several different levels of control ACID scope. Each level corresponds to a level in your corporate structure.
For example, a division control ACID (VCA) is responsible for administering security for all the ACIDs within a particular division (including ACIDs assigned to departments associated with that division).
The following table shows an example of how an organization could define its security administrators to CA Top Secret, and the scope that results:
|
Title |
Scope |
Example |
|
MSCA |
Entire installation |
The master SCA (MSCA) can create all CA Top Secret administrators, including SCAs, LSCAs, ZCAs, DCAs, VCAs, and auditors. |
|
SCA |
Entire installation |
An SCA's scope of authority depends on the administrative authorities that they were granted. An SCA can create ZCAs, DCAs, VCAs, Profile, and User ACIDs, but not other SCAs. |
|
LSCA |
A zone and/or another LSCA |
An LSCA can have all the authority of an SCA, but unlike the SCA, the LSCA must have a scope of authority assigned to it. This scope of authority can be one or more LSCAs and/or zones. |
|
ZCA |
A zone |
A zone security administrator can:
|
|
VCA |
A division |
A divisional security administrator can:
|
|
DCA |
A department |
Department administrators have the same scope over a department that a VCA has over a division. DCAs can also create ACIDs in their department. |
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|