ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Is Top Secret Replay-Resistant?

book

Article ID: 50222

calendar_today

Updated On:

Products

Cleanup Datacom DATACOM - AD CIS COMMON SERVICES FOR Z/OS 90S SERVICES DATABASE MANAGEMENT SOLUTIONS FOR DB2 FOR Z/OS COMMON PRODUCT SERVICES COMPONENT Common Services Datacom/AD CA ecoMeter Server Component FOC EASYTRIEVE REPORT GENERATOR FOR COMMON SERVICES INFOCAI MAINTENANCE IPC UNICENTER JCLCHECK COMMON COMPONENT Mainframe VM Product Manager CHORUS SOFTWARE MANAGER CA On Demand Portal CA Service Desk Manager - Unified Self Service PAM CLIENT FOR LINUX ON MAINFRAME MAINFRAME CONNECTOR FOR LINUX ON MAINFRAME GRAPHICAL MANAGEMENT INTERFACE WEB ADMINISTRATOR FOR TOP SECRET Xpertware Top Secret Top Secret - LDAP Top Secret - VSE

Issue/Introduction

Description:

Can you find out if CA Top Secret is replay-resistant?

The information system uses [Assignment: organization-defined replay-resistant authentication mechanisms] for network access to privileged accounts.

Solution:

CA Top Secret provides support for passtickets which are used for one time use.

In addition, Top Secret also provides complete audit capability for both privileged and non-privileged accounts.

These audit trails, in unison with the front end access point applications, provide the basis for replay-resistant support.

In addition to CA Top Secret CA also offers the CA Compliance Manager for z/OS product. This product further expands monitoring of privileged account usage. This includes automated notifications whenever an access policy has been tripped.

Environment

Release:
Component: AWAGNT