VMMACH and ACID resources also control the surrogate function.
The surrogate function in CA Top Secret offers additional flexibility in extending normal security specifications to all virtual machines.
Surrogacy provides a mechanism by which an administrator may designate authorities of specific ACIDs to virtual machines. In CA Top Secret, a virtual machine can assume the authorities of an alternate ACID -- temporarily overriding the authorities which have normally been established at logon for the virtual machine. For example, a VM batch master control machine may activate a worker machine called WRK7 with USERA’s ACID when USERA requires that machine for job execution. Upon job completion, WRK7 is either reset to its original ACID or set to another submitter’s ACID by the batch master control machine. At all times USERA, if logged on, always retains access to its resources.
By supporting the use of alternate ACIDs for virtual machines, CA Top Secret keeps your data secure whenever tasks are assigned to worker machines. Security violations can be traced to either the submitting ACID or the worker machine.
See the Customization Guide for a description of the surrogate interface.
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|