Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Protection of APPC/MVS transaction programs (TPs) z/OS Security Server RACF Security Administrator's Guide SA23-2289-00 |
|
The security administrator can define profiles to the APPCTP class to protect APPC applications in which the outbound transaction program issues an allocate request for an inbound transaction program on MVS™. For more detailed information, see z/OS MVS Planning: APPC/MVS Management. Example: The following example illustrates how you can use the RDEFINE command
to define a transaction program profile named FINANC1.SMITH.ACCTPAYABLETP
and specify a UACC of READ. A UACC of READ allows all users to access
the transaction program and their keys.
You can protect a transaction program by specifying a UACC of NONE.
You can then create an access list that contains only those users
who need access. The following example shows how you can define a
transaction program profile named FINANC1.SMITH.ACCTPAYABLETP and
give it a UACC of NONE:
After you protect the transaction program with a UACC of NONE,
you can use the PERMIT command to define entries in the transaction
program profile's access list. The following example shows how to
use the PERMIT command to create entries in the access list of transaction
program profile FINANC1.SMITH.ACCTPAYABLETP for users USERA and USERB,
giving them each an access authority of READ:
The following example illustrates how you can use the RDEFINE command to
define a CPI-C side information profile named TOOLS1.SYS1.SDLU1234
and specify a UACC of READ, which allows all users to read CPI-C side
information.
You can protect CPI-C side information by specifying a UACC of
NONE. You can then create an access list containing only users who
need access. The following example shows how you can define a CPI-C
side information profile named TOOLS1.SYS1.SDLU1234 and give it a
UACC of NONE:
After you protect CPI-C side information with a UACC of NONE, you
can use the PERMIT command to define entries in the CPI-C side information
profile's access list. The following example shows how to use the
PERMIT command to create entries in the access list of CPI-C side
information profile TOOLS1.SYS1.SDLU1234 for users USERA and USERB,
giving them each an access authority of READ:
|
Copyright IBM Corporation 1990, 2014
|