A resource is any component of the computing or operating system required by a task. CA Top Secret protects default and site-defined resources.
To protect computer resources, CA Top Secret must know that they exist.
The types of resources (such as data sets, volumes, terminals, and minidisks) that CA Top Secret protects appear in the Resource Descriptor Table (RDT). Many resource types are automatically defined to the RDT at installation. Additional resource types (including site-defined resources) can be added.
Securing resources is a two-step process. Once the resource type or class, is defined in the RDT, then each resource must be:
Ownership of a resource automatically implies full access to that resource. For other ACIDs to have access to that resource, they must be authorized or permitted to use it.
Once you have defined all resources to CA Top Secret and have specified their access levels, any future request to access those resources is processed through the CA Top Secret validation algorithm to determine whether an ACID has the appropriate authorizations to access a particular resource.
When an ACID requests access to a particular DASD data set, CA Top Secret must potentially evaluate both the pertinent volume and data set authorizations, depending on the bypass options or authorization associated with that ACID.
In the event that CA Top Secret must check both volume and data set level access, CA Top Secret always performs volume level first. In some cases, a request to access a data set is granted or failed strictly on the basis of the ACID's volume access authorizations.
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|