Designated jobs and online users (or profiles) can be restricted to enter the system from designated terminals and readers. This is source of origin security. Adding SOURCE to a profile affects all users attached to that profile.

Source restriction is always checked during signon.

To restrict a user to a specified terminal/reader, enter the command:

TSS ADDTO(acid) SOURCE(terminalID/reader)

Examples: grant access by source of origin

This example restricts USER01 to signing on from terminal TESTNY002 only:

TSS ADDTO(USER01) SOURCE(TESTNY002)

Terminal TESTNY002 does not have to be defined to Top Secret to be a source. However, if the specified terminal is a protected resource, be sure the user is permitted to access it:

TSS PERMIT(USER01) TERMINAL(TESTNY002)

A source of origin restriction overrides TERMINAL authorization. If USER01 has a source restriction of TESTNY002 and USER01 is permitted to access terminal TESTNY999 as shown above, an attempt by USER01 to sign on from TESTNY999 results in a security violation.