RACF security retention period processing (TAPEDSN must be active)
z/OS Security Server RACF Security Administrator's Guide SA23-2289-00
Before RACF® allows a user to write to a tape that is protected by a tape volume profile containing a TVTOC, RACF checks whether the security protection for the current data on the tape volume has expired. To determine whether the RACF security retention period has expired, RACF uses one of the following:

If a user wants to overwrite an existing tape data set with a data set having a different name before the existing data set's RACF security retention period has expired, the user must do one of the following:

If the user has sufficient authority to the tape volume or tape data set, the user can overwrite an existing data set using one of the following:
If the RACF security retention period for an existing tape data set has not expired and the user does not have sufficient authority to overwrite it, RACF denies the write and issues a message indicating that the user does not have sufficient authority to the volume or data set.

When a user specifies PROTECT=YES on the JCL DD statement, RACF updates the TVTOC to reflect the creation of the new data set. RACF also generates a discrete profile to protect the new data set and deletes any existing discrete profile that protected the overwritten data set.

A user can specify the security retention period for a tape data set by one of the following methods:
For discrete profiles, if a user does not specify a security retention period for a tape data set, the retention period can be provided by one of the following:

For generic profiles that protect tape data sets, the user must assign a security retention period to the profile by specifying the RETPD operand on the ADDSD or ALTDSD command. If the security retention period is omitted, a zero value is used and the profile is treated as if it had already expired, so a generic profile that omits RETPD does not hold off the overwriting of the data sets it covers.

When RACF is installed, the default security retention period is RETPD(0). If your installation specifies a different default security retention period for tape data sets (the RETPD operand of the SETROPTS command), RACF uses the specified value in any of the following situations:
Note: The RACF security retention period is independent of the data set retention period specified by the EXPDT/RETPD JCL operand. However, the two retention periods are initially the same if the user who creates the data set has ADSP or specifies PROTECT=YES on the JCL DD statement. You can modify the security retention period in the data set profile by using the ALTDSD command.
If a tape volume contains more than one data set, RACF protects each data set independently. RACF achieves this protection by not allowing users with UPDATE authority to one or more of the data sets to rewrite any data set until one of the following occurs:

Note, however, that users who have at least UPDATE authority to the volume can write to the volume unconditionally.

In response to RDELETE or DELDSD commands, RACF deletes tape volume profiles and the discrete tape data set profiles for all data sets residing on tapes when all of the data sets that the TVTOC points to have expired. For generation data groups (GDGs), RACF does not automatically delete RACF protection of the volumes containing the oldest generation when a new generation is defined.

Because residual data remains on a tape volume even after the security retention period of the RACF profiles has expired, installations should consider degaussing tape volumes on which all of the data sets have an expired security retention period. The librarian can then redefine these tape volumes to RACF using the RDEFINE command with the TVTOC operand and, thereby, reenter the volumes into the common scratch pool.
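The retention-period decision described on this page, as an added Python model that is not RACF's code. It encodes only the rules stated here: RETPD(0) is treated as already expired, a user with at least UPDATE authority to the volume writes unconditionally, the security retention period ignores the JCL EXPDT, each data set in the TVTOC is judged on its own, and an overwrite under PROTECT=YES replaces the old TVTOC entry and discrete profile with a new one whose security RETPD starts equal to the JCL RETPD. The volume serial, data set names, dates, the installation default of RETPD(0), and the choice of ALTER to the data set as "sufficient authority" are assumptions, since the page does not list the exact authorities or the omitted alternatives.

```python
"""Constructed model of RACF's security retention period check on a
TVTOC-protected tape volume. Added example; not RACF code. Names, dates and
the 'sufficient authority' rule (ALTER to the data set) are assumptions."""
from dataclasses import dataclass, field
from datetime import date, timedelta
from typing import List, Optional

# RACF access levels in ascending order; the integers are a modelling convenience.
ACCESS = {"NONE": 0, "READ": 1, "UPDATE": 2, "CONTROL": 3, "ALTER": 4}

# RACF ships with RETPD(0); assume the installation has not changed it via SETROPTS RETPD.
INSTALLATION_RETPD = 0


@dataclass
class TvtocEntry:
    """One data set on the volume as the TVTOC and its profile describe it."""
    name: str
    created: date
    security_retpd: int                # days; 0 is treated as already expired
    jcl_expdt: Optional[date] = None   # EXPDT/RETPD from JCL; independent of the above


@dataclass
class TapeVolume:
    volser: str
    tvtoc: List[TvtocEntry] = field(default_factory=list)


def security_retention_expired(entry: TvtocEntry, today: date) -> bool:
    """RETPD(0) counts as expired; otherwise expiry is creation date + RETPD days.
    The JCL EXPDT is deliberately ignored: the two retention periods are independent."""
    if entry.security_retpd == 0:
        return True
    return today >= entry.created + timedelta(days=entry.security_retpd)


def write_allowed(vol, target, vol_access, ds_access, today):
    """Decide whether the user may overwrite data set `target` on `vol`.
    Order of checks follows the page: volume UPDATE is unconditional, an expired
    security retention period opens the data set, otherwise the user needs
    sufficient authority to the data set (assumed here to be ALTER)."""
    if ACCESS[vol_access] >= ACCESS["UPDATE"]:
        return True, "at least UPDATE authority to the tape volume"
    entry = next((e for e in vol.tvtoc if e.name == target), None)
    if entry is None:
        return False, f"{target} is not in the TVTOC of {vol.volser}"
    if security_retention_expired(entry, today):
        return True, "security retention period has expired"
    if ACCESS[ds_access] >= ACCESS["ALTER"]:     # assumption, see docstring
        return True, "sufficient authority to the data set"
    return False, "insufficient authority to the volume or data set"


def overwrite(vol, target, new_name, today, vol_access, ds_access, jcl_retpd=None):
    """Overwrite `target` with `new_name` under PROTECT=YES: the old TVTOC entry and
    discrete profile go away and a new one is created. The security RETPD starts
    equal to the JCL RETPD when one is supplied, else the installation default."""
    ok, reason = write_allowed(vol, target, vol_access, ds_access, today)
    if not ok:
        raise PermissionError(reason)
    vol.tvtoc = [e for e in vol.tvtoc if e.name != target]
    retpd = jcl_retpd if jcl_retpd is not None else INSTALLATION_RETPD
    expdt = today + timedelta(days=jcl_retpd) if jcl_retpd is not None else None
    new = TvtocEntry(new_name, today, retpd, expdt)
    vol.tvtoc.append(new)
    return new


def sample_volume() -> TapeVolume:
    """Constructed TVTOC: one data set still inside its security retention period
    (although its JCL EXPDT has passed) and one with RETPD(0)."""
    return TapeVolume("T00123", [
        TvtocEntry("PAYROLL.BACKUP", date(2024, 1, 10), 365, date(2024, 2, 10)),
        TvtocEntry("SCRATCH.TEMP", date(2024, 1, 12), 0),
    ])


def demo() -> dict:
    """Run the scenarios from the page against the sample volume."""
    vol, today = sample_volume(), date(2024, 6, 1)
    out = {
        "unexpired_ds_update_only": write_allowed(vol, "PAYROLL.BACKUP", "READ", "UPDATE", today)[0],
        "retpd0_counts_as_expired": write_allowed(vol, "SCRATCH.TEMP", "READ", "UPDATE", today)[0],
        "volume_update_overrides": write_allowed(vol, "PAYROLL.BACKUP", "UPDATE", "NONE", today)[0],
        "ds_alter_sufficient": write_allowed(vol, "PAYROLL.BACKUP", "READ", "ALTER", today)[0],
        "expires_on_day_365": write_allowed(vol, "PAYROLL.BACKUP", "READ", "UPDATE", date(2025, 1, 9))[0],
        "not_expired_day_before": write_allowed(vol, "PAYROLL.BACKUP", "READ", "UPDATE", date(2025, 1, 8))[0],
    }
    try:
        overwrite(vol, "PAYROLL.BACKUP", "PAYROLL.NEW", today, "READ", "UPDATE")
        out["denied_overwrite_raised"] = False
    except PermissionError:
        out["denied_overwrite_raised"] = True
    new = overwrite(vol, "SCRATCH.TEMP", "SCRATCH.NEW", today, "READ", "UPDATE", jcl_retpd=30)
    out["new_security_retpd"] = new.security_retpd
    out["tvtoc_after"] = [e.name for e in vol.tvtoc]
    out["new_ds_now_protected"] = write_allowed(vol, "SCRATCH.NEW", "READ", "UPDATE", today)[0]
    return out


if __name__ == "__main__":
    print(demo())
```

The point worth taking from the run: PAYROLL.BACKUP stays protected in June 2024 even though its JCL EXPDT passed in February, because only the security retention period matters to RACF's check, while SCRATCH.TEMP with RETPD(0) can be overwritten immediately. The overwrite of SCRATCH.TEMP with a JCL RETPD of 30 makes the new data set protected from the moment it is written; had no JCL RETPD been given, the assumed installation default of RETPD(0) would have left it immediately overwritable, which is why an installation should set its own default with SETROPTS RETPD rather than rely on the shipped value.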
Copyright IBM Corporation 1990, 2014