Controlling Access to VM

System Entry Security › Controlling Access to VM

Controlling Access to VM

As supplied, virtual machines running on a CPU with CA Top Secret are doing so under the default facility--VM. CA Top Secret controls access to VM in FAIL mode by requiring that the user be authorized to use the facility. By default, only the MSCA can access VM when CA Top Secret is first installed with an empty security file. Everyone else must be explicitly authorized to use the VM facility through a TSS CREATE or ADDTO function.

To authorize users for access to the VM facility, CA Top Secret administrators (other than the MSCA) need FACILITY(VM) administrative authority and the appropriate scope. If the Security Administrator has FAC(ALL) administrative authority together with a scope encompassing USER01, then this TSS command may be issued:

TSS ADD(USER01)  FAC(ALL)

To define other facilities, you can edit the Parameter File. For instance, suppose you wanted to distinguish your Test and Production VM systems. Begin by defining the VM facility. To do so, use the FACILITY control option in the Parameter File:

FACILITY(USER1=NAME=VMTEST)
FACILITY(VMTEST=MODE=WARN)

where:

FACILITY—control option
USER1—user-definable Facilities Matrix entry
NAME—renaming keyword for FACILITY control option
VMTEST—name of the new facility
MODE—keyword for setting security mode
WARN—user-defined security mode affecting VMTEST facility

Next, use the VMFAC control option to associate your CA Top Secret facility with a counterpart SYSID:

VMFAC(SYSTEMC=VMTEST)

where:

VMFAC—control option
SYSTEMC—systemid from system_identifier statement in the system configuration file
VMTEST—the test machine you set up earlier.

For more information about these terms, see the Control Options Guide.

As you can see, CA Top Secret is flexible enough for a production VM environment. Just as you can set up a test machine, you can also set up other test and production machines.

To prevent suspected subversion, CA Top Secret allows the VM facility to be immediately deactivated from the VM operator’s console. While the facility is inactive, no logons are accepted. Security Administrators can deactivate the VM facility by using a TSS MODIFY command to specify the INACT (inactive) suboption of the FACILITY control option. The facility may be reactivated with the ACTIVE suboption of FACILITY. Here’s an example of inactivating and reactivating the VM facility:

TSS MODIFY FAC(VM=INACT)

-and-

TSS MODIFY FAC(VM=ACTIVE)