How to setup Security for XCOM
search cancel

How to setup Security for XCOM

book

Article ID: 264908

calendar_today

Updated On:

Products

Top Secret - VSE

Issue/Introduction

We have XCOM and Top Secret for VSE, how do we setup all the required security rules for XCOM to function n a secured methodology?

Environment

VSE any supported level

Top Secret for VSE any supported level

XCOM any supported level

Resolution

Please note that all entries enclosed in braces are to be replaced by the TSS administrator.

 

Establish a TSS facility by adding the following statements to the TSS parameter file (an IPL or restart of TSS is required) -

FACILITY(USER{nnn}=NAME=XCOM)

FACILITY(XCOM=NOASUBM)

FACILITY(XCOM=NOLUMSG)

FACILITY(XCOM=NOSTMSG)

Create an accessor ID for the XCOM server by issuing the following TSS commands -

TSS CREATE(XCOM) NAME('XCOM SERVER') DEPARTMENT({accessor-ID-8}) PASSWORD({password-str-8},0)

TSS ADDTO(XCOM) FACILITY(BATCH)

TSS ADDTO(XCOM) MASTFAC(XCOM)

TSS ADDTO(XCOM) NOPWCHG

 

Establish ownership of XCOM resources by issuing the following TSS commands -

TSS ADDTO({accessor-ID-8}) IBMFAC(XCOM.)

 TSS ADDTO({accessor-ID-8}) OPERCMDS(XCOM.)

For each user who requires the capability to issue XCOM administrative commands and/or send and/or receive files via XCOM, issue the following TSS command -

TSS ADDTO({accessor-ID-8}) FACILITY(XCOM)

For each user who requires access to send and/or receive from a particular XCOM destination, issue one or more of the following TSS command (see Chapter 4 "Security Considerations" in the XCOM Administrator Guide for details) -

TSS PERMIT({accessor-ID-8}) IBMFAC(XCOM.{applsec-ID-8}.IP.{dest-ID-8}.RECEIVE.L) ACCESS(READ)

TSS PERMIT({accessor-ID-8}) IBMFAC(XCOM.{applsec-ID-8}.IP.{dest-ID-8}.RECEIVE.R) ACCESS(READ)

TSS PERMIT({accessor-ID-8}) IBMFAC(XCOM.{applsec-ID-8}.IP.{dest-ID-8}.SEND.L) ACCESS(READ)

TSS PERMIT({accessor-ID-8}) IBMFAC(XCOM.{applsec-ID-8}.IP.{dest-ID-8}.SEND.R) ACCESS(READ)

TSS PERMIT({accessor-ID-8}) IBMFAC(XCOM.{applsec-ID-8}.LU.{dest-ID-8}.RECEIVE.L) ACCESS(READ)

TSS PERMIT({accessor-ID-8}) IBMFAC(XCOM.{applsec-ID-8}.LU.{dest-ID-8}.RECEIVE.R) ACCESS(READ)

TSS PERMIT({accessor-ID-8}) IBMFAC(XCOM.{applsec-ID-8}.LU.{dest-ID-8}.SEND.L) ACCESS(READ)

TSS PERMIT({accessor-ID-8}) IBMFAC(XCOM.{applsec-ID-8}.LU.{dest-ID-8}.SEND.R) ACCESS(READ)

 

For each user who requires the ability to issue XCOM administrative commands, issue one or more of the following TSS command (see Chapter 4 "Security Considerations" in the XCOM Administrator Guide for details) -


TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.ACTIVATE.{dest-ID-8}) ACCESS(UPDATE)

 TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.CANCEL.{dest-ID-8}.IMMED) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.CANCEL.{dest-ID-8}.PURGE) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.CANCEL.{dest-ID-8}.SUSPEND) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.CNOS.{member-ID-8}) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.DATE.{dest-ID-8}.{owner-ID-8}) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.DELETE.{dest-ID-8}.{owner-ID-8}) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.DFLT.AGE) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.DFLT.CATALOG) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.DFLT.CLASS) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.DFLT.DIR) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.DFLT.DUMPCL) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.DFLT.EDESC) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.DFLT.EROUT) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.DFLT.ERRINTV) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.DFLT.IDESC) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.DFLT.IROUT) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.DFLT.LOG) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.DFLT.LOGCL) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.DFLT.LOGDEST) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.DFLT.MAXLOC) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.DFLT.MAXREM) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.DFLT.MAXTASK) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.DFLT.PRI) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.DFLT.POWINTV) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.DFLT.REMAGE) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.DFLT.SEC) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.DFLT.TCPSESS) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.DFLT.USERD) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.DISABLE.{member-ID-8}) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.DISPLAY.{dest-ID-8}) ACCESS(READ)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.DUMP.{dest-ID-8}) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.ENABLE.{member-ID-8}) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.EPRTY.{dest-ID-8}.{owner-ID-8}) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.EXIT.{exit-data-8}) ACCESS(READ)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.HOLD.{dest-ID-8}.{owner-ID-8}) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.INQ) ACCESS(READ)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.LIST.{member-ID-8}) ACCESS(READ)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.LOGFREE) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.NOTRACE.{dest-ID-8}) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.NSASTAT) ACCESS(READ)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.RELEASE.{dest-ID-8}.{owner-ID-8}) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.RESET.{dest-ID-8}) ACCESS(UPDATE)

 TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.RESUME.{dest-ID-8}.{owner-ID-8}) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.RSHOW.{dest-ID-8}.{owner-ID-8}) ACCESS(READ)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.SHOW.{dest-ID-8}.{owner-ID-8}) ACCESS(READ)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.SNAP) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.SPRTY.{dest-ID-8}.{owner-ID-8}) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.STOP.IMMED) ACCESS(CONTROL)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.SUSPEND.{dest-ID-8}.{owner-ID-8}) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.TERM.{dest-ID-8}.{owner-ID-8}) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.TIME.{dest-ID-8}.{owner-ID-8}) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.TRACE.{dest-ID-8}) ACCESS(UPDATE)

TSS PERMIT({accessor-ID-8}) OPERCMDS(XCOM.{applsec-ID-8}.VERSION) ACCESS(READ)

 

For each user who requires the capability to send files via XCOM, issue the following TSS command -

TSS PERMIT({accessor-ID-8}) DSN({dataset-ID-44}) ACCESS(READ) FACILITY(XCOM)

 

For each user who requires the capability to receive files via XCOM, issue the following TSS command -

TSS PERMIT({accessor-ID-8}) DSN({dataset-ID-44}) ACCESS(ALL) FACILITY(XCOM)

Powered by Wolken Software