CA Top Secret offers security protection for all required Started Tasks (STC) definitions and STCs that reference sensitive data or affect system integrity. In addition, you have the option to protect whatever is appropriate at your particular installation. There is no need to secure all started tasks so, by default, CA Top Secret allows STCs to bypass security.
For information, see the Implementation: Other Interfaces Guide.
Data processing personnel continuously have access to the O/S consoles and started tasks. Many STCs can be executed without any record to indicate who entered the started task. With the proper authority, CA Top Secret allows a security administrator to force the operator executing the STC to provide identification.
By using the ADDTO(STC) function, the security administrator can attach an STCACT attribute to the STC definition, forcing the operator to enter his user ACID and password. If the ACID or password entered is invalid, the STC will not execute.
An STC can be associated with a specific ACID with TSS ADDTO.
Example: ACID association
This example associated an STC with a specific ACID:
TSS ADDTO(STC) PROCNAME(stc‑name)
ACID(acid‑name)
You can define an STC that prompts for an ACID with an assigned password. (Specifying a password is required only for critical STCs.) If the ACID assigned to the STC is defined with a password, then a second prompt is issued for the password. This provides additional protection by forcing the operator to supply the correct ACID information for the STC before it is allowed to execute.
To define a specific STC that bypasses CA Top Secret checking, use TSS ADDTO and specify the BYPASS keyword in the acidname field. This allows the started task to execute without security checking.
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|