Use multiple authorizations to tailor elements in an overall security structure. For example, allow a large group of users to read a family of data sets and a few users in the group to update the data sets.
For each resource access request, CA Top Secret conducts a security validation search to determine whether the access request should be granted.
When there are multiple access authorizations, CA Top Secret treats separate PERMIT entries designating the same ACID and resource as discrete permissions rather than consolidating them into one combined permission.
The historical order in which multiple authorizations were made can determine which CA Top Secret error message is issued.
Examples: establish authorizations
This example requires both conditions to be satisfied (to use the NYC terminals, you must log on Monday through Friday during business hours only).
TSS PERMIT(ALL) TERMINAL(NYC)
TIMES(08,17)
DAYS(WEEKDAYS)
This example allows logon during business hours:
TSS PERMIT(ALL) TERMINAL(NYC)
TIMES(08,17)
This example requires logon during the week:
TSS PERMIT(ALL) TERMINAL(NYC)
DAYS(WEEKDAYS)
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|