|
|
|
The CA XCOM Data Transport CA Top Secret interface uses standard SAF macros to validate access to resources. In addition to data set access checking, the CA XCOM Data Transport CA Top Secret interface can support security checking on the terminal (that is, logical unit), source of origin, time of access, and volume level. The CA XCOM Data Transport security interface determines whether the user ID allows access to the requested resources. For example, a job submitted by a remote CA XCOM Data Transport system runs under the access authorizations of the user ID associated with this job by the remote user. If the remote user does not explicitly specify a user ID, the job runs under the privileges of the local system's default user ID.
If the CA XCOM Data Transport security interface determines that the user is an authorized user, CA XCOM Data Transport opens the file. When CA XCOM Data Transport opens a file, CA Top Secret uses the access authority granted to the CA XCOM Data Transport address space rather than to the user. Therefore, CA XCOM Data Transport must be given access authority for all data sets (except for sensitive data sets that will never be needed by CA XCOM Data Transport users). 913 abends indicate that a user has authorization to access a data set, but the CA XCOM Data Transport address space does not. In this case, CA XCOM Data Transport sends an error message to the user.
| Copyright © 2012 CA. All rights reserved. |
|