Set up Top SECRET (TSS) definitions when implementing PassTickets with IDMS
search cancel

Set up Top SECRET (TSS) definitions when implementing PassTickets with IDMS

book

Article ID: 44128

calendar_today

Updated On:

Products

IDMS

Issue/Introduction

Using PassTickets to access an IDMS CV system requires these definitional components:

  • Top Secret security definitions
  • Information defined in the IDMS security type table (SRTT).

The major components used in this process are the user id, the application id, the system id of the CV, the session key, and the resource class.

Environment

Release: All supported releases.

Resolution

Note: All of the following definitions are examples and can vary by installation, for instance if the session key is encrypted instead of masked. Other parameters can be selected for auditing, performance and other installation-specific needs.

Follow these steps:

  1. Create entries in the SRTT and issue supporting Top Secret commands to secure system signon externally. 
    Note: For more information, see Security definitions for TASK Codes in IDMS.

  2. Define the resource class PTKTDATA:

    TSS ADDTO(RDT) RESCLASS(PTKTDATA) ACLIST(ALL,READ,UPDATE) MAXLEN(37)

  3. Add IDMSDEPT department ownership for resources of class PTKTDATA:

    TSS ADDTO(IDMSDEPT) PTKTDATA(IRRPTAUTH)

  4. Add a session key for each applid (PSTKAPPL):

    TSS ADDTO(NDT) PSTKAPPL(IDMSSY01) SESSKEY(0123456789ABCDEF)
    TSS ADDTO(NDT) PSTKAPPL(IDMSSY02) SESSKEY(ABCDEF0123456789)

  5. Add permission for JOHN_SMITH to generate and use a PassTicket for SYSTEM 01:

    TSS PERMIT(JOHN_SMITH) PTKTDATA(IRRPTAUTH.IDMSSY01.JOHN_SMITH) ACCESS(READ,UPDATE)

Additional Information