External Security

The sections that follow demonstrate how to implement external security for the following security managers:

CA Top Secret Security
CA ACF2 Security
IBM's RACF

CA View performs external security authorization based on a resource type and name:

The resource type represents a predefined name, and the resource name identifies the data being accessed within the CA View database.
The resource type and name correspond to the class and entity parameters of the RACROUTE macro.

If a user is not authorized to specific data within the CA View database, a violation is recorded.

Note: Since the CA View external security processing verifies the user's authorization for every object requested, you can minimize the impact on performance by using a wildcard character to request only specific data.

Be aware that the implementation procedures presented in this section are examples only. You must determine what the appropriate settings are for your environment.

Important! These examples authorize all users to do everything. We recommend that the CA View Administrator and the Security Administrator work together to do the implementation as a cooperative effort.