Auditing Vollie Member deletes.

book

Article ID: 194149

calendar_today

Updated On:

Products

CA Top Secret - VSE

Issue/Introduction

Can Vollie VSE member deletes be audited by Top Secret via TSSUTIL audit report?

Environment

Release : 3.0

Component : CA Top Secret for z/VSE

Resolution

In order to Top Secret to Audit anything, a RACROUTE or CA SSF (CA Standard Security Interface) security checks must be issued without LOG=NONE. CA SSF is what Broadcom products use if they want Top Secret to control security.

LOG=NONE on the security call tell Top Secret not to AUDIT. Top Secret will respect this audit flag. The change must be made to the application to not specify LOG=NONE.

If a product doesnt issues and uses its own method of security, Top Secret will not be able to secure and audit that product.

Vollie has its own built in security called SAFE, but it also has the ability to secure VOLLIE using Top Secret by issue CA SSF calls. You need to turn on the External Security Flag in the SYSTEM panels in VOLLIE. I used to do support for a number of VSE products and VM products from 1990 - 2000 before I moved to supporting Top Secret on z/OS, z/VSE and z/VM and its various components and add ons.

Vollie allows you to access VSE member, Librarian member, and OLL members.

Vollie currently doesnt have the functionality to protect OLL member and Librarian member with external security. The only option is to use VOLLIE internal SAFE security.

Please see Chapter 3 which discusses how to secure VSE members with Top Secret.

Even though Vollie uses CA SSF it also uses LOG=NONE on its security calls which prevents auditing from being done in Top Secret.

Please submit an enhancement request to Vollie, so auditing Vollie member access with Top Secret can be considered for a future release of Vollie.