The security administrator (or security administrators, depending on your ACID hierarchy) is the focal point of security for your site. He needs to understand how CA Top Secret works and how to best implement security for your system. He may not necessarily be responsible for installing or maintaining the CA Top Secret product, but he acts as the liaison between CA Top Secret security and the users who need to access the facilities and resources it secures. The security administrator’s actual role is determined by a number of factors, among them:
For example, you might design one security administrator whose sole purpose is ACID creation and maintenance, and another security administrator who is responsible for maintaining resources and the Resource Descriptor Table (RDT). For more details on the RDT, see your Command Functions Guide. Or, like many installations, you might create a "backup MSCA" by assigning full authority to one SCA.
Regardless of his specific role or area of control, each security administrator must first possess the appropriate administrative authority.
The CA Top Secret administrative hierarchy has seven levels:
The first six levels represent types of ACIDs—that is, ACIDs whose primary function is to control security administration. (The MSCA is frequently referred to as the Master Central security administrator, the SCA as a Central security administrator, and so on.) While users can be given administrative authority (limited to themselves), their primary function is to perform work (for example, production processing). Likewise, Control ACIDs can perform work, but this should be a secondary function for them.
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|