What is the equivalent in CA Top Secret for the RACF RESTRICTED attribute?
In RACF, this function means that only what is permitted directly to the user is assumed to control access without searching other rules/records such as the 'ALL' record with TSS.
TSS does NOT have an attribute that would prevent the ALL record from being searched if no match is found in the user record or connected profile(s). If you want to override a permit in the ALL record you must give an explicit matching permit to the user with e.g. ACCESS(NONE).