Protecting Facilities › About Facilities
About Facilities
Some services, such as BATCH, STC, and CONSOLE, are automatically associated with the appropriate facility through the use of the SESSION type. You can provide this type:
- As a parameter on the signon request
- From the appropriate field in the input token provided by the TOKNIN= parameter
Other services such as CICS, CA IDMS, and IMS are associated:
- Explicitly—By assigning a MASTFAC parameter to the ACID executing the batch job or STC that created the service.
- Implicitly—CA Top Secret looks at the program in control and matches it with the program name specified in the facility. If there is not a match for the INITPGM or no MASTFAC was assigned, a facility of STC is assigned if the particular service was started as a started task. If the service was started as a batch job, the facility of BATCH is assigned.
Facilities can also be:
- Single user address space (like TSO and BATCH). Each signed on user gets their own address space.
- Multiple user address space (for example, CICS and IMS). Using CICS as an example, each user that signs on to a CICS region is given part of the region's block of space. When a user requests access, standard CICS only identifies to z/OS the Security Record for the region involved, not the specific user's Security Record. This procedure is typical of multiple user address space systems.
A list of CA Top Secret predefined facilities and their attributes resides in the Facilities Matrix Table. These attributes are called the facility's definition.
Copyright © 2014 CA Technologies.
All rights reserved.
|
|