Security Considerations › CA Top Secret Interface › How Job Submission Works with CA Top Secret Enabled

How Job Submission Works with CA Top Secret Enabled

CA XCOM Data Transport supports the initiation of jobs from a remote LU through the internal reader (INTRDR).

When a job is submitted, CA XCOM Data Transport performs the following actions:

• Validates the user ID and password that are on the job statement. (SURCHK=YES and SURCLS must be specified in the CA XCOM Data Transport Default Options Table.)

  This check is performed on the receiving system. This validation does not take place if the user ID on the job statement is the same as that used by the CA XCOM Data Transport started task on the receiving system, or if it is the same user ID under which the receiving CA XCOM Data Transport server is executing.

  If the combination is invalid or contains blanks, CA Top Secret determines what happens next. For example, the procedure might have failed outright, or it might be allowed under the access privileges of a default user ID.

• Checks for USER and PASSWORD parameters on the JOB statement. If there are none, CA XCOM Data Transport inserts those specified by the remote user on to the JOB statement. Access checking is based on this user ID, not CA XCOM Data Transport's authorization.

Note: The inserted password is visible only to the CA XCOM Data Transport security interface and does not appear on any system or job output.