Data Direction Restriction
In addition to the Trusted Node feature, the Data Direction Restriction specifies whether each adjacent node can initiate a RECEIVE, SEND, or RECEIVE and SEND to or from the local node in the network map. The bits located in the SQCB, SQRECV, and SQSEND indicate the sending and receiving status.
In the adjacent node definition, the sixth positional parameter enables you to restrict the direction of data on a transfer with a specific adjacent node. This security applies regardless of where the Process is submitted, for example, local or remote node. The parameter descriptions follow:
Parameter | Description |
---|---|
RECEIVE|RECV | Indicates that when the adjacent node initiates a transfer, it is only allowed to receive data from this node. It is never allowed to send data to this node. |
SEND | Indicates that when the adjacent node initiates a transfer, it is only allowed to send data to this node. It is never allowed to receive data from this node. |
BOTH | Indicates that when the adjacent node initiates a transfer, it is allowed to both send and receive data from this node. This value is the default. |
NONE | Indicates that when the adjacent node initiates a transfer, it is neither allowed to send or receive data from this node. |
The following example represents the Trusted Node Security and Data Direction Restriction features defined in the network map. The parameters are the fifth and sixth positional parameters in the adjacent node definition.
|
The following two bits are identified in the security exit:
Bit | Description |
---|---|
SQSNODE | Identifies if the node where the security exit is running is the SNODE for this Process. The bit is on if the node is the SNODE and off if the node is the PNODE. |
SQIDXLAT | Identifies if a point-of-entry security ID translation was performed prior to calling the security exit. If a PNODEID/SNODEID is not specified when the Process is submitted and a match is found in the Authorization file for that USERID and NODE combination, then the bit turns on when the security exit gets control. |