Top Secret command equivalent for RACF's "Protected" attribute

book

Article ID: 103008

calendar_today

Updated On:

Products

CA Top Secret CA Top Secret - LDAP

Issue/Introduction



Is there a Top Secret command equivalent for RACF's "Protected" attribute?

Environment

Release:
Component: TSSMVS

Resolution

There is no Top Secret equivalent for RACF's "Protected" attribute 
We do have OPTIONS(4) setting along with SOURCE restriction available. 
OPTION 4 is will let started task run in the STC facility without the 
requirement to signon with a password. Everywhere else it will be required to 
signon with a password. BUT, if you dont give the password out to anyone, 
they will not be able to signon with it anywhere else. 

CA Top Secret is security check driven. So if a aignon security check 
is issued at the point of entry with the IP address, CA Top Secret 
can restrict entry via SOURCE keyword. SOURCE controls which terminals 
or IP addresses an acid can signon to. But the key is, the IP address 
must be provided at the signon, if not, CA Top Secret cannot enforce 
the SOURCE restriction. Please see the Command Functions Guide for 
more details about the SOURCE keyword/restriction.