How to check security call on native DB2 environment
search cancel

How to check security call on native DB2 environment

book

Article ID: 233872

calendar_today

Updated On:

Products

Top Secret

Issue/Introduction

TSSUTIL does not list TABLESPACE Event 

Since there are No TSS/DB2 and Native DB2 security is used, VSAM creation by STC DBM1 should be recorded.

Are there ways to check if security call is passed by the STC ? 

Environment

Release : 16.0

Component : Top Secret for z/OS

Resolution

SECTARCE and SAFTRACE should be checked.

SECTARCE:

1) TSS ADD(DBM1  acid) TRACE
2) TSS MODI(SECTRACE(ACT,WTL))
3) Create TABLESPACE
4) TSS MODI(SECTRACE(OFF))
5) TSS REM(DBM1 acid) TRACE

SAFTARCE:

1) Allocate PS dataset with LRECL=133 FB
2) Enter following command to setup SAFTRACE from console

ST SET,ID=TSS1,TYPE=SAF,JOBNAME=DB2EDBM1,DEST=DATASET,DSN=ps-dataset,FORMAT=DUMP,TRACE=ALL,END                         

3) Create TABLESPACE
4) Enter following command to delete SAFTRACE from console

ST DEL,ID=ALL  


If there are no records in the SECTRACE that usually means no RACROUTE was issued.
If no RACROUTE is issued by the application or z/OS then Top Secret can't stop unauthorized access and audit the event.

 

Powered by Wolken Software