Security › Overview

Overview

This chapter explains the CA View security features including:

• Internal security
• External security
  • Types of resources protected
  • Levels of security access
  • How to implement external security for CA Top Secret, CA ACF2, and IBM's RACF

The SARSTC started task uses the SAPI interface to collect and delete SYSOUTs and JESDS that meet the request criteria of CA View for data from the JES spool. SARSTC requires the appropriate access level to the JES spool's security profiles to perform these actions.

CA View requires UPDATE authority to:

• Access the database to save user profile information, such as last access date, current access mode
• Retain access information, such as the last time the report was browsed
• If the SARINIT EXPRESS parameter specifies a corresponding CA Deliver database, CA View users will need READ authority for the CA Deliver database

SARXMS users do not need UPDATE access. In this case, the ACID associated with the SARXMS task needs UPDATE authority. After the users gain access, their authority to perform online functions is controlled by the security rules that have been built.

In addition, you can secure CA View database data sets from being accessed by other applications by using the SARXTD system extensions.

By turning on the dataset security option in SARXTD you can secure CA View data sets so that only CA View utilities can have access. All other utilities fail if they try to access a data set with the HLQ specified in the SARXTD parameters.

Note: For more information about securing data sets in CA View using SARXTD, see System Extensions in the chapter "Configuring".