Internal Security › Security Use Considerations

Security Use Considerations

Capabilities provided by CA WA CA 7 Edition make it important to identify control personnel within the organization who is permitted to interface directly with CA WA CA 7 Edition. By establishing a security structure, various access levels can be allowed and still controlled, making CA WA CA 7 Edition available for use by any number of authorized personnel. CA WA CA 7 Edition security can be used in the following ways:

• The Master Terminal Operator (MTO) has the most responsibility for the activity of CA WA CA 7 Edition. MTO functions can include the following:
  • Monitoring production activity
  • Providing status reports
  • Responding to CA WA CA 7 Edition's requests for JCL overrides or manual verifications
  • Using various application functions to help ensure database integrity.

  To permit the MTO to perform these various functions, the SECURITY macro statement of the MTO would allow access to all functions within all CA WA CA 7 Edition applications. Assigning a function level of 15 within each application allows this access. In addition, assigning the MTO a special user ID of 255 allows access to all data regardless of ownership.

• The workstation terminal operator generally requires less authority than the MTO. Each operator would be assigned a level of authorization to reflect the various responsibilities of each workstation. Likewise, an individual can have different levels of authorization depending on which terminal is being used and which functions are being performed.
• Database Maintenance can be established as a separate activity that one person or a designated group of personnel can control and perform. The level of authority required for this activity must obviously allow full use of maintenance application functions, but probably would not require the ability to modify the queues.
• End users and some data center managers can require access to CA WA CA 7 Edition in inquire-only mode. For example, RJE users could be authorized to interrogate the queues to determine job status. The users can also have access to database entries for those jobs belonging to them as defined by their user ID (UID) value. Data center managers could be authorized to interrogate CA WA CA 7 Edition for information reflecting current production status, projected schedules, history, and so forth.

Regardless of the level of responsibility as defined to CA WA CA 7 Edition, all authorized operators (MTO through end user) must use the same procedure to establish communication with CA WA CA 7 Edition. This procedure is the logon and is described in the Command Reference Guide.