Top Secret r16.0 and Top Secret r15.0 Shared Security File
search cancel

Top Secret r16.0 and Top Secret r15.0 Shared Security File

book

Article ID: 31405

calendar_today

Updated On:

Products

Top Secret

Issue/Introduction

Can a Top Secret r16.0 system share Top Secret files (BDAM and VSAM security and backup files, audit and tracking files, recovery file, and CPF recovery file) with a Top Secret r15.0 system or be backed out from r16.0 to r15.0 using the same security files?

Environment

Top Secret 15.0
Top Secret 16.0
 

Resolution

You may come up with Top Secret r16.0 on one side of a shared security file and Top Secret r15.0 on the other side without issues.  There is no need to reformat a security file simply to test base Top Secret r16.0.  You can also reformat a Top Secret security file under r16.0 and share with an r15.0 system as long as you do not turn on any features within r16.0 that will cause security file structure changes. 

The current Top Secret r16.0 features that would alter the security file format and, therefore, disallow sharing are: 

Increased ACID Size Limit (MAXACIDSIZE)

An increased ACID size limit is now available. When creating a security file, you can assign a maximum value of 1024 for the optional MAXACIDSIZE parameter.

Control Option for Storing Facility Matrix Entries on the Security File

A new control option (FACSTOR) lets you store facility matrix entries on the security file (instead of the parameter file). When you specify FACSTOR(YES), entries are hardened to the security file after the product is restarted. Any changes to the entries are automatically stored on the security file (and logged to the recovery file). (This will not actually be a problem when sharing with r15.0, but the facility parameters will still need to be maintained on r15.0 separately.)

Support for 256-Bit AES Encryption of Passwords/Password Phrases

Top Secret now supports 256-bit AES encryption of passwords and password phrases.

Important!

  • A security file that has 256-bit AES encryption enabled cannot be shared with Top Secret r15 (and earlier) systems. If you want 256-bit AES encryption while sharing the file, ensure that all shared systems are at least Version 16.

As each new feature is released it will be stated whether or not that feature will be available on in a shared environment with r15.0.

The other Top Secret r15 files can be used in Top Secret r16:
- Audit and tracking files (AUDIT and AUDIT2 DD statements in the Top Secret startup proc)
- Recovery file (RECFILE DD statement in the Top Secret startup proc)
- CPF recovery file (CPFFILE DD statement in the Top Secret startup proc)