Landmark Lighting D20R2-06/99 User Manual

Page 19

Advertising
background image

When a user tries to use a secured function, a security
authorization call is made to verify that the user has the necessary
security clearance. The following information is used in the
security check:

User ID

Password (for a sign-on attempt only)

Function ID

Access, or authorization, level (NONE, READ, UPDT, CNTL, or
ALTR) of the user ID for the function. Access levels are
described in “Detail Profile Definition,” later in this chapter.

Some Landmark product functions require a primary resource or
both a primary and a secondary resource. These functions are
generically referred to as resource functions. Functions that do not
require resources are called system functions.

TMON for CICS primary resources are job names; secondary
resources are not used.

TMON for DB2 primary resources are DB2 subsystem names;
secondary resources are DB2 plan names.

TMON for DBCTL primary resources are DBCTL subsystem
names; secondary resources are not used. (The primary
resource needed to access a DBCTL subsystem is the DBCTL
subsystem name; thereafter, it is the object name.)

TMON for MQSeries primary resources are queue manager and
object names; secondary resources are not used. (The primary
resource needed to access a queue manager is the queue
manager name; thereafter, it is the object name.)

TMON for MVS primary resources are job names or volume
serial numbers; secondary resources are not used.

Primary and secondary resources qualify the security authorization
check. For functions specifying a primary resource, a security
check is made for the function with the specific primary resource.
(For TMON for DB2, if a secondary resource is specified, the
security check is made for the function with both the primary and
secondary resources.) The user is restricted to using the function
only for the resource(s) specified.

TMON for CICS example

Suppose you want to restrict the job names displayed on the Job
Selection List screen for a given user. In the following example,
only jobs with job names starting with “DEV” and “TEST” are
displayed on the Job Selection List screen for user ID SAMPLE.

User ID:

SAMPLE

Password:

Not needed for this security check

Function ID:

JOBLIST

Chapter 2: Security Definitions

How Product Security Works

The Monitor for MVS 2.0

2-3

System Administrator’s Guide

Advertising
Popular Brands
Popular manuals