[PDF] CA OPS/MVS Event Management and Automation Security Guide





Previous PDF Next PDF



Event Management Manual for Financial Practicalities

I am also glad that I could combine my studies of financial management to event management. Key words: event planning event management



AIBA EVENT OPERATIONAL MANUAL

Logistics. 49. 5.1. Visa and Foreign Affairs Relations. 49. 5.2. Arrivals and Departures. 50. 5.2.1. Arrival and Departure Strategy and Management.



CA OPS/MVS Event Management and Automation Security Guide

This Documentation which includes embedded help systems and electronically distributed materials



NORRIS UNIVERSITY CENTER EVENT PLANNING

EVENT PLANNING & PRODUCTION. POLICY MANUAL. 1999 Campus Drive. Evanston IL 60208. Phone: (847) 491-2330. Email: norris-events@northwestern.edu.



Alumni Chapter Resource Manual: Event Management

Event Management. CONTENTS. PAGE. Event Programming F: Event Briefing Notes & Run Sheet. D-F1 to D-F2 ... C: Event Sponsorship Proposal Template.



chapter ten - operational communications: the event manual & staff

the event manual & staff briefing document. Page 2. Page 3. This section describes two operational communication tools: 1) The Event Manual and 2) the Staff 



EVENT MANAGEMENT HANDBOOK

Figure 4: Event management planning cycle 33 musical event festivals firework displays



IHF Bid and Event Manual

IHF Bid and Event Manual. Page 2. IMPRINT. Editor: International Handball Federation Peter Merian-Strasse 23



Oracle Hospitality Suite8 Conference and Catering Management

9 juil. 2015 Moving an event to another function space . ... Event Manual Postings . ... Event Management Search .



Event Protocol Manual

12 févr. 2021 Special events and public VIP visits are opportunities to enhance the positive reputation of Georgia College and should be conducted with the ...

Security Guide

Release 12.1

CA OPS®/MVS Event

Management and Automation

This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to

as the ͞Documentation") is for your informational purposes only and is subject to change or withdrawal by CA at any time. This

Documentation is proprietary information of CA and may not be copied, transferred, reproduced, disclosed, modified or

duplicated, in whole or in part, without the prior written consent of CA.

If you are a licensed user of the software product(s) addressed in the Documentation, you may print or otherwise make

available a reasonable number of copies of the Documentation for internal use by you and your employees in connection with

that software, provided that all CA copyright notices and legends are affixed to each reproduced copy.

The right to print or otherwise make available copies of the Documentation is limited to the period during which the applicable

license for such software remains in full force and effect. Should the license terminate for any reason, it is your responsibility to

certify in writing to CA that all copies and partial copies of the Documentation have been returned to CA or destroyed.

TO THE EXTENT PERMITTED BY APPLICABLE LAW, CA PROVIDES THIS DOCUMENTATION ͞AS IS" WITHOUT WARRANTY OF ANY

KIND, INCLUDING WITHOUT LIMITATION, ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR

PURPOSE, OR NONINFRINGEMENT. IN NO EVENT WILL CA BE LIABLE TO YOU OR ANY THIRD PARTY FOR ANY LOSS OR DAMAGE,

DIRECT OR INDIRECT, FROM THE USE OF THIS DOCUMENTATION, INCLUDING WITHOUT LIMITATION, LOST PROFITS, LOST

INVESTMENT, BUSINESS INTERRUPTION, GOODWILL, OR LOST DATA, EVEN IF CA IS EXPRESSLY ADVISED IN ADVANCE OF THE

POSSIBILITY OF SUCH LOSS OR DAMAGE.

The use of any software product referenced in the Documentation is governed by the applicable license agreement and such

license agreement is not modified in any way by the terms of this notice.

The manufacturer of this Documentation is CA.

Proǀided with ͞Restricted Rights." Use, duplication or disclosure by the United States Goǀernment is subject to the restrictions

set forth in FAR Sections 12.212, 52.227-14, and 52.227-19(c)(1) - (2) and DFARS Section 252.227-7014(b)(3), as applicable, or

their successors.

Copyright © 2013 CA. All rights reserved. All trademarks, trade names, service marks, and logos referenced herein belong to

their respective companies.

CA Technologies Product References

This document references the following CA Technologies products:

Documentation Changes

The following documentation updates have been made since the last release of this documentation: Note: In PDF format, page references identify the first page of the topic in which a change was made. The actual change may appear on a later page. page 17) section. section. page 64) section.

Contact CA Technologies

Contact CA Support

For your convenience, CA Technologies provides one site where you can access the information that you need for your Home Office, Small Business, and Enterprise CA Technologies products. At http://ca.com/support, you can access the following resources: services

Providing Feedback About Product Documentation

If you have comments or questions about CA Technologies product documentation, you can send a message to techpubs@ca.com. To provide feedback about CA Technologies product documentation, complete our short customer survey which is available on the CA Support website at http://ca.com/docs.

Contents 7

Contents

Chapter 1: Introduction to External Security 9

How to Control Access to Product Resources with External Security .......................................................................... 9

How System Authorization Facility Works ................................................................................................................. 11

Chapter 2: External Security Considerations 13

How Security Options Interact ................................................................................................................................... 13

Limit Update Authority to Specific Parameters .................................................................................................. 14

Limit Specific Users Update Authority ................................................................................................................ 15

Prepare to Use External Security ............................................................................................................................... 16

Set Parameters that Allow External Security ...................................................................................................... 17

How SAF Resources Are Defined to Use External Security ................................................................................. 19

Permit SAF Authority Using DEFSAF .................................................................................................................... 20

Remove SAF Authority Using DEFSAF ................................................................................................................. 21

Control Table Access Using SQL Resources or OPSGLOBAL ....................................................................................... 22

Chapter 3: Implementing External Security with CA Top Secret 23

How to Implement External Security with CA Top Secret .......................................................................................... 24

Customize Resource Class with CA Top Secret ........................................................................................................... 25

Define Profiles Based on Function for Validation ...................................................................................................... 25

Define Profiles Automatically with DEFSAF ................................................................................................................ 27

Generate the SAF Resources with CA Top Secret ....................................................................................................... 28

Batch Execute External Security Manager Commands to Create the Owner and Profiles ........................................ 29

Create Access Permissions with CA Top Secret .......................................................................................................... 30

Add User Access to Product Resources ...................................................................................................................... 32

Authorize User IDs to Use a Specific Command ......................................................................................................... 33

Chapter 4: Implementing External Security with CA ACF2 35

How to Implement External Security with CA ACF2 ................................................................................................... 36

Customize Resource Class with CA ACF2 .................................................................................................................... 37

Define Roles Based on Function for Validation .......................................................................................................... 37

Define Roles Automatically with DEFSAF ................................................................................................................... 38

Generate the SAF Resources with CA ACF2 ............................................................................................................... 40

Batch Execute External Security Manager Commands to Create the Owner and Profiles ........................................ 41

Create Access Permissions with CA ACF2 ................................................................................................................... 42

Add User Access to Product Resources ...................................................................................................................... 44

8 Security Guide

Authorize User IDs to Use a Specific Command ......................................................................................................... 45

Chapter 5: Implementing External Security with RACF 49

How to Implement External Security with RACF ........................................................................................................ 50

Customize Resource Classes with RACF ..................................................................................................................... 51

Define Groups Based on Function for Validation ....................................................................................................... 52

Define Groups Automatically with DEFSAF ................................................................................................................ 52

Generate the SAF Resources with RACF ..................................................................................................................... 54

Batch Execute External Security Manager Commands to Create the Owner and Profiles ........................................ 55

Create Access Permissions with RACF ........................................................................................................................ 56

Add User Access to Product Resources ...................................................................................................................... 58

Authorize User IDs to Use a Specific Command ......................................................................................................... 59

Appendix A: Resource Tables and Predefined Resources 61

SAF Resource Names Table ........................................................................................................................................ 61

SQL TBL.CMD Names Table ........................................................................................................................................ 63

Commands and Functions that Generate External Security Events ........................................................................... 64

Predefined Resources Used by External Security ....................................................................................................... 70

Appendix B: Troubleshooting External Security 73

CA Top Secret Options that Affect Product Access Requests..................................................................................... 73

Access Granted Without Reference to Access Profiles ....................................................................................... 73

ACID Bypassed Security Checking ....................................................................................................................... 74

Index 75

Chapter 1: Introduction to External Security 9

Chapter 1: Introduction to External Security

Note: External Security is the sole subject of this guide. See the Administration Guide and AOF Rules User Guide for documentation on rule-based security and the security user exit.

This section contains the following topics:

How to Control Access to Product Resources with External Security (see page 9) How System Authorization Facility Works (see page 11) How to Control Access to Product Resources with External

Security

As a security administrator in your mainframe environment, your responsibilities include implementing security in CA OPS/MVS. You can perform the following tasks using external security: OPS/MVS resources without coding AOF rules or using the assembler exit. SAF lets you protect commands and features. Note: Consider keeping your currently supported methods with the assembler exit and existing rules in place for backward compatibility issues.

OPS/MVS.

The following external security packages provide a high degree of control over unique resources used by CA OPS/MVS:

± CA Top Secret

± CA ACF2

± RACF

How to Control Access to Product Resources with External Security

10 Security Guide

The following illustration shows the process for using external security to control user access to resources. These chapters help you control access to product resources with external security:

± How Security Options Interact (see page 13)

± Prepare to Use External Security (see page 16) ± Control Table Access Using SQL Resources or OPSGLOBAL (see page 22)

How System Authorization Facility Works

Chapter 1: Introduction to External Security 11

How System Authorization Facility Works

CA OPS/MVS provides external security using System Authorization Facility (SAF) calls to the security product of your choice. CA OPS/MVS makes standard SAF calls to your external security manager using defined resource names. These calls check for security access to its resources. The System Authorization Facility (SAF) is part of z/OS and initiates the following process: control to the external security manager. The following illustration demonstrates how SAF works:

Chapter 2: External Security Considerations 13

Chapter 2: External Security Considerations

This section contains the following topics:

How Security Options Interact (see page 13)

Prepare to Use External Security (see page 16)

Control Table Access Using SQL Resources or OPSGLOBAL (see page 22)

How Security Options Interact

An understanding of all the options and how they interact is essential to choosing the right combination for your site. CA OPS/MVS has several security options that can interact in the following ways: authority of the user initiating the request. command or function was issued, for example: ± Commands and functions that are issued from within a REXX program and initiated from the CA OPS/MVS address space use the user ID assigned to the

CA OPS/MVS started task.

± When users execute commands and functions on one of the OSF servers, security uses the value in OSFCONSOLE or OSFPRODUCT to verify the following resources: to NOSECURITY. the following OSF parameters as shown:

OSFSECURE CHECKUSERID

OSFCONSOLE

OSFPRODUCT

site-defined-userid Specifies the user ID to authorize for any or all of the CA OPS/MVS facilities secured using external security.

How Security Options Interact

14 Security Guide

± Checks for TSO OPER authority.

± Checks for the existence of security rules and calls the rule when defined. ± Calls the user exit when no security rule exists for the event. Generally, when EXTSECURITY is OFF, the logic flow does not change. ± The SAF call reviews the security for external security resources as follows: rules provide a greater degree of refinement than external security. further checks. ± CA OPS/MVS calls the user exit OPUSEX, if available, when no security rule exists for the event. When EXTSECURITY is ON its external resource checking takes control except for the security rules, which can still be coded to supplement or refine it. Review the following security rules, which perform more specific checks:

Limit Update Authority to Specific Parameters

You want the user OPSUSR to read and update all CA OPS/MVS parameters except when it involves changing the STATEMAN parameter to a new value. This setting limits the access authority of the user.

Follow these steps:

1. Turn on external security.

EXTSECURITY=ON

2. Grant user OPSUSR UPDATE access to the external security resource

OP$MVS.OPSPARM.

3. Use the following security rule to prevent any user from setting the STATEMAN

parameter to a new value:

How Security Options Interact

Chapter 2: External Security Considerations 15

)SEC OPSPARM )PROC

IF SEC.AUPAPANA = 'STATEMAN' THEN

RETURN REJECT

ELSE

RETURN NOACTION

The external security check permits all other OPSPARM calls.

Limit Specific Users Update Authority

Use security rules to limit user access to resources: master SSM table (STCTBL). You can limit update authority to specific users. The following security rule does a more specific security check when you limit the authority of your users.

Follow these steps:

1. Turn on external security.

EXTSECURITY=ON

2. Grant the user OPSADMIN UPDATE access to external security resource

OP$MVS.SQL.*.

3. Use the following security rule to allow a specific user to access the STCTBL table:

)SEC SQL* )PROC IF SEC.AUSQTBLS <> 'STCTBL' THEN RETURN 'NOACTION'

IF SEC.OPAUJBNA = 'SSMADMIN' THEN

RETURN ACCEPT

ELSE

RETURN REJECT

External security check permits all other SQL calls.

Prepare to Use External Security

16 Security Guide

Prepare to Use External Security

If you want to use external security, set the following OSF parameters as shown:

OSFSECURITY = CHECKUSERID

OSFCONSOLE = userid1

OSFPRODUCT = userid2

The variables userid1 and userid2 are user IDs at your site that are secured using your security package.

Prepare to Use External Security

Chapter 2: External Security Considerations 17

Set Parameters that Allow External Security

Before you can use external security, set values for the following parameters:quotesdbs_dbs25.pdfusesText_31
[PDF] Benutzerdefinierte Diagrammsignaturen in Karten

[PDF] Benutzerhandbuch cobas c111 System

[PDF] Benutzerhandbuch deutsch

[PDF] Benutzerhandbuch für Business-Intelligence

[PDF] Benutzerhandbuch für Oszilloskope der Serie Tektronix 4000

[PDF] benutzerhandbuch für trockentauchanzug

[PDF] Benutzerhandbuch Microsoft Dynamics ™ NAV 4.0

[PDF] Benutzerhandbuch Nord Stage 2 EX 88 Nord Stage

[PDF] Benutzerhandbuch Nützliche Hinweise

[PDF] Benutzerhandbuch RedDot Laser

[PDF] Benutzerhandbuch vicosys5300

[PDF] Benutzerhandbuch zu iDRAC 8/7 Version 2.30.30.30

[PDF] Benutzerhinweise zu den sozialen Erwerbssituationen

[PDF] Benutzerinformationen für tragbare Feuerwehrleitern EN 1147

[PDF] Benutzung von Gehörschutz