Previous Topic: Security Checking

Next Topic: File Access Security

Security ConsiderationsOverview of Security

Overview of Security

CA XCOM Data Transport provides security for four different types of resources. The resources that can be secured are the files, data in the files, commands, and LUs. This section offers a brief characterization of the essential features of CA XCOM Data Transport security as it pertains to the various resources.

File Security

CA XCOM Data Transport makes calls to IBM RACF, CA Top Secret, and CA ACF2 to verify whether a given user ID is authorized to read or update a given data set.

Command Security

CA XCOM Data Transport makes standard SAF calls to determine whether a given user ID or console is authorized to issue CA XCOM Data Transport commands. The commands whose access status is verified include z/OS console commands and commands that can be issued through ISPF and CICS menu interfaces.

Partner Security

CA XCOM Data Transport makes standard SAF calls to determine whether a given user ID is authorized to perform transfers with a given partner. CA XCOM Data Transport checks the direction (send or receive) in which the transfers are performed is authorized. Also whether the partner making a transfer request can be the initiator of transfers.

Trusted Access Security

The Trusted Access feature allows a transfer to be sent to a remote partner without actually specifying the user ID and password in the transfer. Trusted Access transfers can be sent to and from z/OS, Windows, and UNIX partners.

History Database Security

When CA XCOM Data Transport is using an ODBC database to store history records, users must be granted privileges to the history table. These privileges allow the user to update and/or read from the table. Users that connect to the history database are checked for access rights to records in the table. The history database can be shared among multiple systems and platforms.

Invoking Security

Each security function can be turned on separately by way of the assembled Default Options Table in the CA XCOM Data Transport load library. Also, each security function has an associated user exit, which increases the flexibility of CA XCOM Data Transport's security and allows security to be adapted to site-specific conditions.