z/OS Security Server RACF Security Administrator's Guide
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


Example: Trusted, semitrusted, and untrusted Nodes

z/OS Security Server RACF Security Administrator's Guide
SA23-2289-00

Figure 1 shows a sample NJE network in which some nodes are trusted (see Understanding mixed security environments), some nodes are semitrusted (verification is done on inbound work), and some nodes are not trusted (no inbound work is allowed to run).

Figure 1. Example: Trusted, semitrusted, and untrusted nodesExample: Trusted, semitrusted, and untrusted Nodes

In this example, profiles on node MYNODE control inbound work as follows:

Trusted nodes:
RDEFINE NODES TRSTNODE.USER%.* UACC(UPDATE)
RDEFINE NODES LOCLNODE.USER%.* UACC(UPDATE)
RDEFINE NODES VMNODE.USER%.* UACC(CONTROL)
Semitrusted nodes: 
RDEFINE NODES SEMTNODE.USER%.* UACC(READ)
RDEFINE NODES DFLTNODE.USER%.* UACC(READ)
Untrusted node: 
RDEFINE NODES NOTRUST.*.* UACC(NONE)
Note: To prevent any unknown nodes from submitting work to be done on your node, create the following profile: 
RDEFINE NODES *.*.* UACC(NONE)
Parent topic: Translating security information

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014