Security Implementation Considerations › Security Structure Using External Security › USERID Protection
USERID Protection
In the standard security environment, each user is assigned a USERID that restricts the users' access to resources related to their areas of responsibilities. To prevent users from using a USERID other than their own, submit checking can be implemented to restrict access to USERIDs. Submit checking is performed for the following conditions:
- Requests for jobs, such as DEMANDs, LOADs, or RUNs when the job's JCL contains a USERID.
- Attempts to add USERIDs to JCL through the CA WA CA 7 Edition text editor or queue JCL editor.
- Attempts to add, update, or delete the OWNER field associated with a job on the job definition panel.
- Executions of the SASSTRLR or SASSBSTR facilities when a USERID is supplied on a /LOGON statement. If the USERID supplied is different than the USERID identified in the external environment, a submit check is performed to validate the user's authority to submit for the supplied USERID.
For users to use a USERID other than their own, specific authorization must be granted through the external security package.
Copyright © 2013 CA Technologies.
All rights reserved.
|
|