
Page 1: Advantage CA-Roscoe Interactive Environment · RPF Language Guide Describes all components of the RPF language and how to write RPF programs. ... System, see the Advantage CA-Roscoe

Security Administration Guide r6

Advantage CA-Roscoe

Interactive Environment


This documentation and any related computer software help programs (hereinafter referred to as the “Documentation”) is for the end user’s informational purposes only and is subject to change or withdrawal by CA at any time.

This Documentation may not be copied, transferred, reproduced, disclosed, modified or duplicated, in whole or in part, without the prior written consent of CA. This Documentation is confidential and proprietary information of CA and protected by the copyright laws of the United States and international treaties.

Notwithstanding the foregoing, licensed users may print a reasonable number of copies of the documentation for their own internal use, and may make one copy of the related software as reasonably required for back-up and disaster recovery purposes, provided that all CA copyright notices and legends are affixed to each reproduced copy. Only authorized employees, consultants, or agents of the user who are bound by the provisions of the license for the product are permitted to have access to such copies.

The right to print copies of the documentation and to make a copy of the related software is limited to the period during which the applicable license for the Product remains in full force and effect. Should the license terminate for any reason, it shall be the user’s responsibility to certify in writing to CA that all copies and partial copies of the Documentation have been returned to CA or destroyed.

EXCEPT AS OTHERWISE STATED IN THE APPLICABLE LICENSE AGREEMENT, TO THE EXTENT PERMITTED BY APPLICABLE LAW, CA PROVIDES THIS DOCUMENTATION “AS IS” WITHOUT WARRANTY OF ANY KIND, INCLUDING WITHOUT LIMITATION, ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NONINFRINGEMENT. IN NO EVENT WILL CA BE LIABLE TO THE END USER OR ANY THIRD PARTY FOR ANY LOSS OR DAMAGE, DIRECT OR INDIRECT, FROM THE USE OF THIS DOCUMENTATION, INCLUDING WITHOUT LIMITATION, LOST PROFITS, BUSINESS INTERRUPTION, GOODWILL, OR LOST DATA, EVEN IF CA IS EXPRESSLY ADVISED OF SUCH LOSS OR DAMAGE.

The use of any product referenced in the Documentation is governed by the end user’s applicable license agreement.

The manufacturer of this Documentation is CA.

Provided with “Restricted Rights.” Use, duplication or disclosure by the United States Government is subject to the restrictions set forth in FAR Sections 12.212, 52.227-14, and 52.227-19(c)(1) - (2) and DFARS Section 252.227-7014(b)(3), as applicable, or their successors.

All trademarks, trade names, service marks, and logos referenced herein belong to their respective companies.

Copyright 2005 CA. All rights reserved.


Contents

About This Guide . . . v

Chapter 1. Introduction . . . 1-1
  1.1 Security Overview . . . 1-2
    1.1.1 Internal Security in Release 6.0 and Above . . . 1-2
    1.1.2 External Security in Release 6.0 and Above . . . 1-3
  1.2 Security Coverage (External) . . . 1-4
    1.2.1 External Security . . . 1-4
    1.2.2 Sign-on Security . . . 1-4
    1.2.3 Privileged Command Security . . . 1-6
    1.2.4 Data Set Access Security . . . 1-6
    1.2.5 ETSO Program Call Security . . . 1-6
    1.2.6 Library Maintenance Security . . . 1-6
    1.2.7 Monitor Routine Security . . . 1-7
    1.2.8 RPF Command Security . . . 1-7
    1.2.9 JES Spool Access Security . . . 1-8

Chapter 2. Resource Names . . . 2-1
  2.1.1 Defining Advantage CA-Roscoe Security Requirements . . . 2-2
  2.1.2 Access Attribute Translation . . . 2-3
    2.1.2.1 Advantage CA-Roscoe Commands . . . 2-3
    2.1.2.2 Advantage CA-Roscoe External Resources . . . 2-8

Chapter 3. Controlling Advantage CA-Roscoe With eTrust CA-ACF2 . . . 3-1
  3.1 Prerequisites . . . 3-2
  3.2 Writing eTrust CA-ACF2 Rules . . . 3-3
  3.3 Examples . . . 3-4

Chapter 4. Controlling Advantage CA-Roscoe With eTrust CA-Top Secret . . . 4-1
  4.1 Prerequisites . . . 4-2
  4.2 eTrust CA-Top Secret Cross-Authorizations . . . 4-4
  4.3 RPF Security . . . 4-5

Chapter 5. Controlling Advantage CA-Roscoe with RACF . . . 5-1
  5.1 Prerequisites . . . 5-2
  5.2 Writing RACF Rules . . . 5-3
    5.2.1 Examples . . . 5-4

Index . . . X-1

About This Guide

The Security Administration Guide describes how sites can protect their Advantage CA-Roscoe system. It explains how to use internal security, external security, or a combination of both.

Organization

Chapter   Description

1   Introduces Advantage CA-Roscoe internal and external security and provides an overview of the Advantage CA-Roscoe features to protect.

2   Describes Advantage CA-Roscoe resource names and lists the resources and their corresponding commands in table format.

3   Describes protecting Advantage CA-Roscoe using eTrust CA-ACF2.

4   Describes protecting Advantage CA-Roscoe using eTrust CA-Top Secret.

5   Describes protecting Advantage CA-Roscoe using IBM's RACF.

Summary of Revisions for Service Pack 5

Editorial and minor technical changes have been made throughout this manual.

Summary of Revisions for This Edition

1. Added the following note under "Sign-on Security" on page 1-4:

   When ACFEXT=YES is specified in the Advantage CA-Roscoe SYSIN stream, Advantage CA-Roscoe invokes SAF standard security calls. Resource class APPL needs to be defined for sign-on security because Advantage CA-Roscoe passes the parameter APPL= on the RACROUTE macro that is issued. See the RACF Security Administrator's Guide for more details.

2. Added the following note under "Privileged Command Security" on page 1-6:

   If external security is in effect, it overrides privileged command restrictions set in the User Profile. The profile settings are used, however, if external security is in WARN mode, or if internal security is in effect.

3. Deleted the WRITE access attribute from the table on page 2-3.

Summary of Revisions

External security has been added for the following:

■ Advantage CA-Roscoe Programming Facility (RPF)
■ Data sets external to Advantage CA-Roscoe
■ JES SPOOL access

External security has also been added for two new privileges:

■ UPS Administrator
■ Library Administrator

Advantage CA-Roscoe Publications

The following publications are supplied with Advantage CA-Roscoe Interactive Environment. They are divided into a User Series and a System Series.

User Series

Command Reference Guide
    Describes all Advantage CA-Roscoe primary and line commands and Monitor commands.

Extended Development Tools Guide
    Describes how: 1) the Application Programming Interface (API) can be used by applications executing under ETSO to take advantage of Advantage CA-Roscoe facilities, and 2) the interactive facilities provided by SKETCH can be used to generate and maintain panels used in programs running under CICS or IMS.

Getting Started
    Introduces Advantage CA-Roscoe to non-programmers.

Release Guide
    Provides a summary of the enhancements included in this release.

RPF Language Guide
    Describes all components of the RPF language and how to write RPF programs. It also describes the Dialog Management Facility (DMF), which can be used to develop, maintain and execute panel-driven RPF applications.

User Guide
    Provides task-oriented descriptions of how to use Advantage CA-Roscoe.

System Series

Extended Facilities for System Programmers Guide
    Describes how sites can make extensions to their Advantage CA-Roscoe system. This includes creating site-written Monitor routines and customizing security and other online exits.

Installation Guide
    Describes the steps to follow when installing or upgrading Advantage CA-Roscoe.

Messages and Codes Guide
    Explains all messages that might be received by individuals using Advantage CA-Roscoe or by the individual responsible for maintaining Advantage CA-Roscoe.

Programs and Utilities Guide
    Describes Advantage CA-Roscoe execution requirements. Also describes maintenance and reporting programs for the accounting facility, Active Work Space (AWS), library system, and user profile system.

Security Administration Guide
    Describes implementation of internal and external security to protect your Advantage CA-Roscoe system.

System Commands Guide
    Describes commands used to control and monitor Advantage CA-Roscoe and to obtain performance information about that execution.

System Reference Guide
    Intended for the individual responsible for maintaining Advantage CA-Roscoe. It describes Advantage CA-Roscoe and its components.

Related Publications

The CA Common Services r11 for z/OS SP6 (formerly known as Unicenter TNG Framework for OS/390 and CA Common Services for z/OS and OS/390 Services) documentation can be found on http://supportconnect.ca.com.

The following manuals relate to Advantage CA-Roscoe and are on http://supportconnect.ca.com.

Advantage CA-Earl Reference Guide
    Contains detailed information about Advantage CA-Earl statements, parameters, and coding rules. Also explains the Advantage CA-Earl Reporting Service.

Advantage CA-Earl User Guide
    Designed for users interested in learning about Advantage CA-Earl. It presents an introduction to Advantage CA-Earl features and capabilities.

Advantage CA-Earl Systems Programmer Guide
    Lists the installation options for Advantage CA-Earl and instructions for modifying them. Also describes size requirements and program execution.

Advantage CA-Earl Examples Guide
    Contains sample programs that show a variety of common applications.

CA Common Services for z/OS

CA Common Services for z/OS are a common set of services that may be used by any MVS Computer Associates product. These services are maintained separately from the product and are documented and installed separately as well. Advantage CA-Roscoe uses CAIRIM for installation services and security.

Licensing Management Program (LMP)

Advantage CA-Roscoe now interfaces with CAIRIM services to determine product licensing authorization.

Chapter 1. Introduction

This document describes Advantage CA-Roscoe security, as implemented in Release 6.0. It provides information about security features, as well as installation suggestions and instructions for the Advantage CA-Roscoe administrator and the security administrator.

Implementation of external security for Advantage CA-Roscoe should be a cooperative effort between both administrators.

This guide describes:

■ the security features available in Release 6.0
■ a detailed description of external security
■ a detailed description of internal security
■ details on converting from internal security to external security
■ a description of the installation options
■ examples of implementation in eTrust CA-Top Secret, eTrust CA-ACF2, and IBM's RACF

1.1 Security Overview

Release 5.7 (and earlier) of Advantage CA-Roscoe offered interfaces to external security systems such as eTrust CA-Top Secret, eTrust CA-ACF2, and IBM's RACF. Security at that level is a combination of User Profiles and Advantage CA-Roscoe prefixes (referred to here as internal security) and calls to user exits which perform security testing or access a security package. At that level, users must code an exit in order to have an interface with any external security package.

Advantage CA-Roscoe Release 6.0 and above contains built-in interfaces for eTrust CA-Top Secret, eTrust CA-ACF2, and any SAF-compatible security package, such as IBM's RACF. These interfaces are referred to here as external security.

1.1.1 Internal Security in Release 6.0 and Above

Internal security for Advantage CA-Roscoe Release 6.0 (and above) uses the User Profiles and Advantage CA-Roscoe prefixes for various Advantage CA-Roscoe features. Exits can be used to provide additional security. Together, these measures make up the same security that has been provided in previous Advantage CA-Roscoe releases. (For information about the User Profile System, see the Advantage CA-Roscoe System Reference Guide.)

Security is provided for RPFs through external security only. Internal security for RPFs is the same as it has been in previous releases of Advantage CA-Roscoe.

The security exit ACFEXIT is completely supported, and is called at sign-on, sign-off, password change, and terminal unlock. Users can interface with external security packages from this exit, but the built-in external security interface is recommended for this feature. (For a full description of the ACFEXIT, see the Advantage CA-Roscoe Extended Facilities for System Programmers Guide.)

Note: You can use the ACFEXIT while external security is being defined.

To use internal security, ensure that the Advantage CA-Roscoe SYSIN parameters shown in Table 2-1 on page 2-2 are defined to NO. This tells Advantage CA-Roscoe not to make security calls. Chapter 2, "Resource Names", explains how to define security resources. You can then proceed to set up your Advantage CA-Roscoe environment as in previous releases.

1.1.2 External Security in Release 6.0 and Above

Advantage CA-Roscoe, Release 6.0 and above, has a built-in interface for your installation's external security package. This interface meets most of the sign-on security requirements, privileged command security requirements, data set access requirements, and JES SPOOL access requirements for Advantage CA-Roscoe users.

Note: Calls will still be made to the ACFEXIT, DSAEXIT, and OUTEXIT if they are in the Advantage CA-Roscoe load library.

1.2 Security Coverage (External)

The following list describes how Advantage CA-Roscoe 6.0 uses external security to protect several common Advantage CA-Roscoe features.

1.2.1 External Security

This section defines all available features built into the external security facility. The features defined here do not require any user-written code.

1.2.2 Sign-on Security

The user signing directly on to Advantage CA-Roscoe uses the existing sign-on method to enter a user ID, group code, password, and optional new password. Validation is done directly with the security package. Changing the user's password is supported for all security packages, both when it is expired and at the user's request.

During the sign-on process, sign-on information is retrieved from the User Profiling System (UPS) and from the site security system. This information is then used for the duration of the Advantage CA-Roscoe user session. Coding the ACFEXIT for sign-on verification is no longer necessary unless eTrust CA-Top Secret or eTrust CA-ACF2 is used and the site is using segmented ROSCOE keys, in which case the ACFEXIT supplied with those products must be used. (See the Advantage CA-Roscoe System Reference Guide for complete information about the UPS.)

At Advantage CA-Roscoe initialization, initial security calls check the parameter EXTSEC=. This parameter defines the external security package to be called. If you will be using external security, you must specify the name of that security package. The accepted names are:

ACF2 ALERT RACF SAC SECURE TSS NONE

In addition, the initialization parameter ACFEXT= should be set to YES in the Advantage CA-Roscoe SYSIN stream.

■ If a specific security package is used, Advantage CA-Roscoe invokes package-specific processing and prevents user passwords from being visible on the UPSMAINT display or included in the UPSLIST report. Instead, the word "EXTERNAL" appears on the display and in the reports.

So, if any value other than NONE is specified for EXTSEC=, the following takes place:

1. The word "EXTERNAL" is moved to the UPS password.

2. A verify is done to check that the password is not blank (SCBACFB checked; if TSS, this is SCBSENV).

3. If SAF security is used, mirror sign-on from XTPM is allowed.

■ If EXTSEC=NONE is defined, external security sign-on processing does not occur and user passwords are visible in UPSMAINT and UPSLIST. Any site-written Advantage CA-Roscoe exit routines are in effect, and the following occurs:

1. The AUTH check is skipped for the DSN info request. (If using SECURE, the internal DSN password check is skipped.)

2. If internal security is active, the UPS password is used. (If using TSS, the application name (APPL=) is cleared in the VERIFY check.)

Note: A value of NONE for EXTSEC= is only applicable to user sign-on processing. It has no effect on external security processing for privileged commands, data set access, ETSO programs, library maintenance, monitor routines, RPF commands, or JES spool access. Contrary to its implication, it does not prevent an external security package from being invoked.

When EXTSEC=NONE, password scrambling is not performed; it is performed when EXTSEC= names a specific external security package.

If you do not want to invoke an external security package during Advantage CA-Roscoe processing, specify NO for all of the following initialization (SYSIN) parameters:

ACFEXT=NO CLLEXT=NO JOBEXT=NO LIBEXT=NO MONEXT=NO PRVEXT=NO RPFEXT=NO UPSEXT=NO

When ACFEXT=YES is specified in the Advantage CA-Roscoe SYSIN stream, Advantage CA-Roscoe invokes SAF standard security calls. Resource class APPL needs to be defined for sign-on security because Advantage CA-Roscoe passes the parameter APPL= on the RACROUTE macro that is issued. See the IBM RACF Security Administrator's Guide for more details.
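The interaction between EXTSEC= and the eight *EXT= switches is the part of this section that is easiest to get wrong: EXTSEC=NONE switches off external sign-on processing and leaves UPS passwords visible and unscrambled, but it does not stop the other components from calling the security package; only setting every *EXT= parameter to NO does that. The script below is an added example written for this page, not CA code. It parses a SYSIN fragment and reports those conditions, plus the ACFEXT=YES/APPL-class reminder and the RPFEXT=YES with LIBEXT=YES single-threading caveat from Chapter 2. It assumes the SYSIN stream is a series of KEYWORD=VALUE tokens separated by blanks, commas or line breaks, with lines beginning with '*' treated as comments (the real stream syntax is in the System Reference Guide, not here); the sample fragment it carries is constructed.

```python
"""Audit the security-related initialization (SYSIN) parameters of an
Advantage CA-Roscoe system against the rules stated in sections 1.2.2 and 2.1.1.

Added example for this page, not CA code.  It assumes the SYSIN stream is a
series of KEYWORD=VALUE tokens separated by blanks, commas or line breaks and
that lines beginning with '*' are comments; the real stream syntax is in the
System Reference Guide, not here.
"""
import re

# Accepted EXTSEC= values (section 1.2.2).
EXTSEC_VALUES = {"ACF2", "ALERT", "RACF", "SAC", "SECURE", "TSS", "NONE"}

# The eight per-component switches of Table 2-1; NO (internal) is the default.
EXT_SWITCHES = ("ACFEXT", "CLLEXT", "JOBEXT", "LIBEXT",
                "MONEXT", "PRVEXT", "RPFEXT", "UPSEXT")

_TOKEN = re.compile(r"\b([A-Z0-9]+)=([A-Z0-9]*)", re.IGNORECASE)


def parse_sysin(text):
    """Return {KEYWORD: VALUE}, both upper-cased; a later duplicate wins."""
    params = {}
    for line in text.splitlines():
        if line.lstrip().startswith("*"):          # comment line (assumption)
            continue
        for key, value in _TOKEN.findall(line):
            params[key.upper()] = value.upper()
    return params


def audit_sysin(text):
    """Return a list of (code, message) findings for one SYSIN stream."""
    p = parse_sysin(text)
    switches = {s: p.get(s, "NO") for s in EXT_SWITCHES}
    external_on = [s for s, v in switches.items() if v == "YES"]
    extsec = p.get("EXTSEC")
    findings = []

    for s, v in switches.items():
        if v not in ("NO", "YES"):
            findings.append(("BAD_SWITCH", f"{s}={v} is neither NO nor YES"))

    if extsec is not None and extsec not in EXTSEC_VALUES:
        findings.append(("EXTSEC_INVALID", f"EXTSEC={extsec} is not an accepted package name"))
    elif extsec is None and external_on:
        findings.append(("EXTSEC_MISSING", "external security is switched on but EXTSEC= names no package"))

    if extsec in EXTSEC_VALUES - {"NONE"} and switches["ACFEXT"] != "YES":
        findings.append(("ACFEXT_NOT_YES", f"EXTSEC={extsec} but ACFEXT is not YES as the guide directs"))

    if extsec == "NONE":
        # NONE only disables external sign-on processing.
        findings.append(("PASSWORDS_VISIBLE",
                         "EXTSEC=NONE: UPS passwords show in UPSMAINT/UPSLIST and are not scrambled"))
        if external_on:
            findings.append(("NONE_STILL_EXTERNAL",
                             "EXTSEC=NONE affects sign-on only; the package is still invoked for "
                             + ", ".join(external_on)))

    if not external_on:
        findings.append(("ALL_INTERNAL", "every *EXT switch is NO: no external security package is invoked"))
    if switches["ACFEXT"] == "YES":
        findings.append(("APPL_CLASS",
                         "ACFEXT=YES issues SAF RACROUTE with APPL=; define the APPL resource class"))
    if switches["RPFEXT"] == "YES" and switches["LIBEXT"] == "YES":
        findings.append(("LIB_SINGLE_THREAD",
                         "RPFEXT=YES with LIBEXT=YES: user-library access is single threaded"))
    return findings


def finding_codes(text):
    """Just the finding codes, for quick comparison."""
    return {code for code, _ in audit_sysin(text)}


# Constructed sample SYSIN fragment; not taken from any real system.
SAMPLE_SYSIN = """\
* security-related initialization parameters (constructed sample)
EXTSEC=NONE
ACFEXT=NO,CLLEXT=YES,JOBEXT=NO,LIBEXT=YES
MONEXT=NO PRVEXT=YES RPFEXT=YES UPSEXT=NO
RESHLQ=ROSID
"""

if __name__ == "__main__":
    for code, message in audit_sysin(SAMPLE_SYSIN):
        print(f"{code:<20} {message}")
```

Run it against a copy of the production SYSIN. A fully externally secured system with ACFEXT=YES should produce only APPL_CLASS (and LIB_SINGLE_THREAD where both RPFEXT and LIBEXT are YES); NONE_STILL_EXTERNAL means a site believes it has switched external security off when it has only switched off external sign-on.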


1.2.3 Privileged Command Security

Advantage CA-Roscoe Release 6.0 allows sites to permit the use of Advantage CA-Roscoe privileged commands that were restricted to the RO/AI and UPS accounts in previous releases. With the external security interface, Advantage CA-Roscoe Release 6.0 removes these restrictions and allows any user to have access to these privileged commands as defined by the site security rules. When external security is being used, the RO/AI accounts are also governed by the same security rules. The UPS account is not governed by external security and is authorized to add, update, and delete Advantage CA-Roscoe sign-on keys. No exits are necessary to enable this function.

Note: If external security is in effect, it overrides privileged command restrictions set in the User Profile. The profile settings are used, however, if external security is in WARN mode, or if internal security is in effect.

By default, users are initially denied access to all privileged commands. To execute a privileged command, a user must first issue the SET PRIVILEGE command specifying the ON operand. See the Advantage CA-Roscoe System Commands Guide for complete information about the SET PRIVILEGE command and all privileged commands.

1.2.4 Data Set Access Security

Advantage CA-Roscoe Release 6.0 allows sites to control individual access to data sets external to Advantage CA-Roscoe. The use of the DSAEXIT for the purpose of controlling data set access is no longer necessary.

1.2.5 ETSO Program Call Security

Advantage CA-Roscoe Release 6.0 allows sites to control individual access to the program calls that are made by the Extended Time Sharing Option (ETSO) of Advantage CA-Roscoe. When external security is being used, resource calls are made which contain the name of the program being called. Coding the CLLEXIT for this purpose is no longer necessary. (The CLLEXIT is described fully in the Advantage CA-Roscoe Extended Facilities for System Programmers Guide.) Sites can also restrict the use of ETSO entirely for an individual. (See the Advantage CA-Roscoe System Reference Guide for complete information about ETSO set up.)

1.2.6 Library Maintenance Security

Advantage CA-Roscoe Release 6.0 allows sites to permit or deny access to the privileged commands ALTER, DELETE, RENAME, SAVE, and UPDATE for daily Advantage CA-Roscoe library maintenance. Regardless of the way Advantage CA-Roscoe security groups are established, a user defined as a Library Administrator can perform the commands listed above on any user's Advantage CA-Roscoe library members.


1.2.7 Monitor Routine Security

Advantage CA-Roscoe Release 6.0 allows sites to control individual access to Monitor routines. When external security is used, resource calls are made which contain the name of the monitor being invoked. Coding the MONEXIT for security is no longer necessary. (The MONEXIT is described in the Advantage CA-Roscoe Extended Facilities for System Programmers Guide. See the Advantage CA-Roscoe System Reference Guide for complete monitor usage information.)

1.2.8 RPF Command Security

Advantage CA-Roscoe Release 6.0 allows sites to permit or deny access to Advantage CA-Roscoe RPFs (the Advantage CA-Roscoe Programming Facility) through external security. When external security is being used, the RO/AI accounts and the Library Administrator accounts are also governed by the same security rules.

When external security is active, resource calls are made which contain the prefix and RPF name to be executed. Calls to external security are not made if the RPF belongs to the user executing it (that is, if the RPF exists under the user's Advantage CA-Roscoe key), or if the RPF member has the RESTRICTED attribute assigned to it.

Note: RPFs secured through external security must have the EXECONLY attribute assigned to them. This prevents users authorized to execute the RPF from accessing, changing, or deleting the externally secured RPF.

RPFs having the RESTRICTED attribute do not cause Advantage CA-Roscoe to make an external security call. Only the owner of the RESTRICTED RPF is granted execution access to the member. The LIB ADM has access to the RESTRICTED RPF member through all commands other than the EXEC command (the LIB ADM cannot execute a user's RESTRICTED RPFs).

The EXECONLY and RESTRICTED attributes refer to the access attribute assigned to an Advantage CA-Roscoe RPF member at creation time or the time of alteration.
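The precedence rules in sections 1.2.3 and 1.2.8 are the ones an auditor has to reason about most often: SET PRIVILEGE ON comes first, then external security overrides the User Profile except in WARN mode; an RPF under the executing user's own key or carrying RESTRICTED never reaches the security package, and anything that does reach it should carry EXECONLY. The block below is an added example written for this page, not CA code. It models those two decisions as plain functions, with the security package represented by caller-supplied callables and a constructed permit table standing in for the site's ROSRES rules. It assumes a user's Advantage CA-Roscoe key is the same string as the prefix an RPF member lives under, and it does not reproduce the Table 2-3 resource-name format, so the RPF check receives the raw (prefix, RPF name) pair.

```python
"""Executable model of two access decisions from Chapter 1: privileged
command use (section 1.2.3) and RPF execution (section 1.2.8).

Added example for this page, not CA code.  It encodes only rules the page
states.  Assumptions: a user's key equals the prefix an RPF lives under; the
security package is a caller-supplied callable; the Table 2-3 resource format
is not reproduced, so the RPF check gets the raw (prefix, RPF name) pair.
"""
from dataclasses import dataclass
from typing import Callable, FrozenSet, List


@dataclass(frozen=True)
class Decision:
    allowed: bool
    external_call: bool   # True when the security package was consulted
    reason: str


# --- 1.2.3 Privileged commands ------------------------------------------

def privileged_command_decision(privilege_on: bool, prvext: bool, warn_mode: bool,
                                profile_allows: bool,
                                external_allows: Callable[[], bool]) -> Decision:
    """privilege_on: SET PRIVILEGE ON was issued; prvext: PRVEXT=YES;
    warn_mode: the external package runs in WARN mode;
    profile_allows: the User Profile's privileged-command setting."""
    if not privilege_on:
        return Decision(False, False, "denied until SET PRIVILEGE ON is issued")
    if not prvext:
        return Decision(profile_allows, False, "PRVEXT=NO: the User Profile governs")
    verdict = external_allows()
    if warn_mode:
        # The package is consulted but only logs; the profile setting decides.
        return Decision(profile_allows, True, "WARN mode: the User Profile governs")
    return Decision(verdict, True, "external security overrides the User Profile")


# --- 1.2.8 RPF execution ------------------------------------------------

@dataclass(frozen=True)
class RpfMember:
    owner_key: str               # key (prefix) the member lives under
    name: str
    attributes: FrozenSet[str]   # subset of {"EXECONLY", "RESTRICTED"}


ExternalCheck = Callable[[str, str, str], bool]   # (user_key, prefix, rpf_name)


def rpf_exec_decision(user_key: str, rpf: RpfMember, rpfext: bool,
                      external_check: ExternalCheck) -> Decision:
    """May user_key EXEC rpf, and is the security package consulted?"""
    if rpf.owner_key == user_key:
        return Decision(True, False, "RPF is under the user's own key: no external call")
    if "RESTRICTED" in rpf.attributes:
        # Only the owner may EXEC; not even the Library Administrator can.
        return Decision(False, False, "RESTRICTED RPF: only its owner may execute it")
    if not rpfext:
        # RPFEXT=NO: the guide says RPFs have no internal security, so this
        # model denies nothing here (site exits are not modelled).
        return Decision(True, False, "RPFEXT=NO: no external call is made")
    permitted = external_check(user_key, rpf.owner_key, rpf.name)
    return Decision(permitted, True, "external security consulted with prefix and RPF name")


def missing_execonly(members: List[RpfMember]) -> List[RpfMember]:
    """Members that external rules may expose to other users (not RESTRICTED)
    but that lack EXECONLY, so an authorized executor could also read or alter them."""
    return [m for m in members
            if "RESTRICTED" not in m.attributes and "EXECONLY" not in m.attributes]


# Constructed permit table standing in for the site's ROSRES rules.
SAMPLE_PERMITS = {("USR2", "OPS", "DAILYRPT")}


def sample_check(user_key: str, prefix: str, name: str) -> bool:
    return (user_key, prefix, name) in SAMPLE_PERMITS


if __name__ == "__main__":
    daily = RpfMember("OPS", "DAILYRPT", frozenset({"EXECONLY"}))
    for user in ("OPS", "USR2", "USR9"):
        print(user, rpf_exec_decision(user, daily, True, sample_check))
    print(privileged_command_decision(True, True, True, True, lambda: False))
```

Two outcomes worth noticing when running it: with PRVEXT=YES and the package in WARN mode a user the package would deny is still allowed, because the profile decides; and with RPFEXT=NO a non-owner's EXEC of a non-RESTRICTED RPF is not referred to the package at all, which matches the guide's statement that RPFs have no internal security.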


1.2.9 JES Spool Access Security

Advantage CA-Roscoe Release 6.0 allows sites to control individual access to data sets residing on the JES Spool. When external security is being used, an Advantage CA-Roscoe user executing the Attach Job Facility (AJOB command) invokes a call to the external security system with a resource class of JESSPOOL. The call to the external security system is made when the Attach Job Facility attempts to build a file table element for a job file.

The use of OUTEXIT to control which files a user can view is no longer necessary. Note also that the external security call to the JESSPOOL resource class is only made when the user attaches a job. A call is not made for the DETACH JOB or ALTER commands. Support for the JESSPOOL resource class is offered for MVS JES2 and JES3 at an SP level of 3.1.3 or higher.

Note: Refer to IBM's RACF v1 r9.2 Security Administrator's Guide for information about the JESSPOOL resource class. Refer to the Advantage CA-Roscoe Extended Facilities for System Programmers Guide, OUTEXIT section, for information about the OUTEXIT and file tables.

Chapter 2. Resource Names

To establish whether your site will be using internal or external security, use Table 2-1 on page 2-2 to define the types of security calls.

Note: See the section Security Overview on page 1-2 for detailed information about internal and external security.

Table 2-3 on page 2-3 and Table 2-4 on page 2-8 list the resource names and attributes of each Advantage CA-Roscoe command which can be protected by the eTrust CA-ACF2, eTrust CA-Top Secret, or IBM's RACF security software packages. These tables are to be used for external security; reference them only when the parameters in Table 2-1 on page 2-2 are set to YES.

For your convenience, the information is presented in two formats. The tables contain the same information, but Table 2-3 on page 2-3 is sorted by Advantage CA-Roscoe command and Table 2-4 on page 2-8 is sorted by resource name.

To use Table 2-3 on page 2-3, select the Advantage CA-Roscoe command (in the first column) that you want to protect. The second column indicates the format of the resource name in the security call generated for that function. The third column, Attr, indicates the attribute assigned to the resource/command.

For eTrust CA-ACF2, the corresponding resource name is the value you specify in the $KEY control statement. For eTrust CA-Top Secret, this is the value you insert as the ROSRES resource name.

The resource names used for Advantage CA-Roscoe commands are preceded by the optional variable rosid. This variable determines the Advantage CA-Roscoe system affected by the security call. If you run more than one Advantage CA-Roscoe system, each system may have a unique rosid. Specifying the rosid with the resource determines which Advantage CA-Roscoe system will be protected. This enables your site to run multiple Advantage CA-Roscoe systems at different security levels.

In order to have the optional variable rosid prefixed to the resource name, the Advantage CA-Roscoe initialization parameter RESHLQ= must be specified as ROSID.

Table 2-4 on page 2-8 alphabetically lists resource names (in the first column). Use this table to reference specific resources and see which commands and attributes correspond to them.

2.1.1 Defining Advantage CA-Roscoe Security Requirements

The type of security Advantage CA-Roscoe will use is based on the parameters specified in the current Advantage CA-Roscoe SYSIN stream. Use the following initialization (SYSIN) parameters to determine internal or external security access for specific Advantage CA-Roscoe components.

NO    Specifies that Advantage CA-Roscoe is to use internal security, where applicable (RPF and JOB do not have internal security). This is the default.

YES   Specifies that Advantage CA-Roscoe is to use external security. If YES is specified, ROSRES class resource names must be defined to the external security system.

Table 2-1. Define Security Access to Advantage CA-Roscoe

Initialization Parameter   Description

ACFEXT=NO/YES   Type of security to be used for user sign-on.
CLLEXT=NO/YES   Type of security to be used to control user access to the program calls made by ETSO.
JOBEXT=NO/YES   Type of security to be used to control user access to the JES SPOOLs through ATTACH JOB.
LIBEXT=NO/YES   Type of security to be used to enable Advantage CA-Roscoe Library Administrator functions.
MONEXT=NO/YES   Type of security to be used to control user access to Monitor routines.
PRVEXT=NO/YES   Type of security to be used to control user execution of privileged commands.
RPFEXT=NO/YES   Type of security to be used to control access to RPFs.
UPSEXT=NO/YES   Type of security to be used to control user access to UPS functions.

Note: Access to the Advantage CA-Roscoe user libraries is single threaded. This means that specifying RPFEXT=YES and LIBEXT=YES may result in a performance degradation for all of Advantage CA-Roscoe.

Advantage CA-Roscoe sites that are running Release 5.8 and have implemented external security should specify YES to the parameters listed in Table 2-1. For example, if in 5.8 you defined a resource of ROSQUERY.ROSCMD.ETSO with an access of READ, in 6.0 you should specify CLLEXT=YES to enable the same external security.

2.1.2 Access Attribute Translation

Throughout this guide, access attributes are listed as CONTROL, READ, or UPDATE. Table 2-2 displays the Advantage CA-Roscoe access attributes and the corresponding attributes you must specify for your external security system.

Table 2-2. Advantage CA-Roscoe Access Attributes

                  External Security System
Access Attribute  eTrust CA-ACF2  eTrust CA-Top Secret  IBM RACF
CONTROL           DELETE          CONTROL               CONTROL
READ              READ            READ                  READ
UPDATE            UPDATE          UPDATE                UPDATE

2.1.2.1 Advantage CA-Roscoe Commands

Table 2-3. Advantage CA-Roscoe Commands

Command                   ROSRES Class Resource Name                Attr
ACCT BUFFERS              [rosid.]ROSCMD.PRIV.ACCT.ACCT.BUFFERS     CONTROL
ACCT FILES                [rosid.]ROSCMD.PRIV.ACCT.ACCT.FILES       CONTROL
ACCT ROSCOE ON            [rosid.]ROSCMD.PRIV.ACCT.ACCT.ROSCOE      CONTROL
ACCT SMF ON               [rosid.]ROSCMD.PRIV.ACCT.ACCT.SMF         CONTROL
ACCT STATUS               [rosid.]ROSCMD.PRIV.ACCT.ACCT.STATUS      CONTROL
ACCT SWITCH               [rosid.]ROSCMD.PRIV.ACCT.ACCT.SWITCH      CONTROL
ALTER pfx.mem             [rosid.]ROSCMD.PRIV.ROSLIB                UPDATE
ATTACH pfx.mem            [rosid.]ROSCMD.PRIV.ROSLIB                UPDATE
CALL program              [rosid.]ROSCMD.ETSO.program               READ
CALL ROSTMP               [rosid.]ROSCMD.ETSO.ROSTMP                READ
CANCEL KEY=               [rosid.]ROSCMD.PRIV.ETSO.CANCEL           CONTROL
DEBUG ADD                 [rosid.]ROSCMD.PRIV.OPER.DEBUG.ADD        CONTROL
DEBUG ANY                 [rosid.]ROSCMD.PRIV.OPER.DEBUG.ANY        CONTROL
DEBUG Cx                  [rosid.]ROSCMD.PRIV.OPER.DEBUG.C          CONTROL
DEBUG Dx                  [rosid.]ROSCMD.PRIV.OPER.DEBUG.D          CONTROL
DEBUG DELETE              [rosid.]ROSCMD.PRIV.OPER.DEBUG.ADD        CONTROL
DEBUG LAST                [rosid.]ROSCMD.PRIV.OPER.DEBUG.LAST       CONTROL
DEBUG NAME                [rosid.]ROSCMD.PRIV.OPER.DEBUG.NAME       CONTROL
DEBUG NEW                 [rosid.]ROSCMD.PRIV.OPER.DEBUG.NEW        CONTROL
DEBUG NOSDUMP             [rosid.]ROSCMD.PRIV.OPER.DEBUG.SDUMP      CONTROL
DEBUG NOSUBTST            [rosid.]ROSCMD.PRIV.OPER.DEBUG.SUBTST     CONTROL
DEBUG ONLY                [rosid.]ROSCMD.PRIV.OPER.DEBUG.ANY        CONTROL
DEBUG SDUMP               [rosid.]ROSCMD.PRIV.OPER.DEBUG.SDUMP      CONTROL
DEBUG SIZE                [rosid.]ROSCMD.PRIV.OPER.DEBUG.SPACE      CONTROL
DEBUG SPACE               [rosid.]ROSCMD.PRIV.OPER.DEBUG.SPACE      CONTROL
DEBUG SPIE                [rosid.]ROSCMD.PRIV.OPER.DEBUG.SPIE       CONTROL
DEBUG SUBTST              [rosid.]ROSCMD.PRIV.OPER.DEBUG.SUBTST     CONTROL
DELETE pfx.mem            [rosid.]ROSCMD.PRIV.ROSLIB                UPDATE
EXEC pfx.mem              [rosid.]ROSCMD.RPF.pfx.mem                READ
EXEC UPSMNTnn             [rosid.]ROSCMD.PRIV.ROSUPS                UPDATE
  (implicit and explicit)
FETCH pfx.mem             [rosid.]ROSCMD.PRIV.ROSLIB                UPDATE
FREE ... KEY              [rosid.]ROSCMD.PRIV.ETSO.FREE             CONTROL
LIBCACHE OFF              [rosid.]ROSCMD.PRIV.OPER.LIBCACHE.ON      CONTROL
LIBCACHE ON               [rosid.]ROSCMD.PRIV.OPER.LIBCACHE.ON      CONTROL
LIBCACHE PURGE            [rosid.]ROSCMD.PRIV.OPER.LIBCACHE.PURGE   CONTROL
OPERATOR ACCT BUFFERS     [rosid.]ROSCMD.PRIV.ACCT.ACCT.BUFFERS     CONTROL
OPERATOR ACCT FILES       [rosid.]ROSCMD.PRIV.ACCT.ACCT.FILES       CONTROL
OPERATOR ACCT ROSCOE ON   [rosid.]ROSCMD.PRIV.ACCT.ACCT.ROSCOE      CONTROL
OPERATOR ACCT SMF ON      [rosid.]ROSCMD.PRIV.ACCT.ACCT.SMF         CONTROL
OPERATOR ACCT STATUS      [rosid.]ROSCMD.PRIV.ACCT.ACCT.STATUS      CONTROL
OPERATOR ACCT SWITCH      [rosid.]ROSCMD.PRIV.ACCT.ACCT.SWITCH      CONTROL
OPERATOR FLUSH ...        [rosid.]ROSCMD.PRIV.OPER.ROZAP.FLUSH      CONTROL
OPERATOR INTERVAL         [rosid.]ROSCMD.PRIV.OPER.OPER.INTERVAL    CONTROL
OPERATOR LERPRT           [rosid.]ROSCMD.PRIV.OPER.OPER.LERPRT      CONTROL
OPERATOR MESSAGES         [rosid.]ROSCMD.PRIV.OPER.OPER.MESSAGES    CONTROL
OPERATOR NETSTAT          [rosid.]ROSCMD.PRIV.OPER.OPER.NETSTAT     CONTROL
OPERATOR NOMSG            [rosid.]ROSCMD.PRIV.OPER.OPER.MESSAGES    CONTROL
OPERATOR NOROSLOG         [rosid.]ROSCMD.PRIV.OPER.OPER.ROSLOG      CONTROL
OPERATOR NOSEND           [rosid.]ROSCMD.PRIV.OPER.OPER.SEND        CONTROL
OPERATOR NOSIGNON         [rosid.]ROSCMD.PRIV.OPER.ROZAP.SIGNON     CONTROL
OPERATOR NOSUBMIT         [rosid.]ROSCMD.PRIV.OPER.ROZAP.SUBMIT     CONTROL
OPERATOR OFF ...          [rosid.]ROSCMD.PRIV.OPER.OPER.OFF         CONTROL
OPERATOR REFRESH UPS      [rosid.]ROSCMD.PRIV.OPER.ROZAP.REFRESH    CONTROL
OPERATOR RESTART ...      [rosid.]ROSCMD.PRIV.OPER.OPER.RESTART     CONTROL
OPERATOR ROSLOG           [rosid.]ROSCMD.PRIV.OPER.OPER.ROSLOG      CONTROL
OPERATOR RPS ...          [rosid.]ROSCMD.PRIV.RPS.PRINT.START       CONTROL
OPERATOR RTM DISPLAY      [rosid.]ROSCMD.PRIV.ACCT.RTM.DISPLAY      CONTROL
OPERATOR RTM EXCL         [rosid.]ROSCMD.PRIV.ACCT.RTM.INCL         CONTROL
OPERATOR RTM INCL         [rosid.]ROSCMD.PRIV.ACCT.RTM.INCL         CONTROL
OPERATOR RTM LIST         [rosid.]ROSCMD.PRIV.ACCT.RTM.LIST         CONTROL
OPERATOR RTM OFF          [rosid.]ROSCMD.PRIV.ACCT.RTM.ON           CONTROL
OPERATOR RTM ON           [rosid.]ROSCMD.PRIV.ACCT.RTM.ON           CONTROL
OPERATOR SEND ...         [rosid.]ROSCMD.PRIV.OPER.OPER.SEND        CONTROL
OPERATOR SHUTDOWN ...     [rosid.]ROSCMD.PRIV.OPER.ROZAP.SHUTDOWN   CONTROL
OPERATOR SIGNON           [rosid.]ROSCMD.PRIV.OPER.ROZAP.SIGNON     CONTROL
OPERATOR SPOOL            [rosid.]ROSCMD.PRIV.OPER.OPER.SPOOL       CONTROL
OPERATOR STATUS           [rosid.]ROSCMD.PRIV.OPER.OPER.STATUS      CONTROL
OPERATOR STATUSX          [rosid.]ROSCMD.PRIV.OPER.OPER.STATUSX     CONTROL
OPERATOR STOP LINE=...    [rosid.]ROSCMD.PRIV.OPER.OPER.STOP        CONTROL
OPERATOR SUBMIT           [rosid.]ROSCMD.PRIV.OPER.ROZAP.SUBMIT     CONTROL
OPERATOR VTAM ...         [rosid.]ROSCMD.PRIV.OPER.OPER.VTAM        CONTROL
PEEK function             [rosid.]ROSCMD.PRIV.OPER.PEEK             READ
PRINT CANCEL ...          [rosid.]ROSCMD.PRIV.RPS.PRINT.CANCEL      CONTROL
PRINT HOLD ...            [rosid.]ROSCMD.PRIV.RPS.PRINT.HOLD        CONTROL
PRINT MOD ...             [rosid.]ROSCMD.PRIV.RPS.PRINT.MOD         CONTROL
PRINT RELEASE ...         [rosid.]ROSCMD.PRIV.RPS.PRINT.HOLD        CONTROL
PRINT RESTART RPS ...     [rosid.]ROSCMD.PRIV.RPS.PRINT.START       CONTROL
PRINT ROUTE ...           [rosid.]ROSCMD.PRIV.RPS.PRINT.ROUTE       CONTROL
PRINT START RPS ...       [rosid.]ROSCMD.PRIV.RPS.PRINT.START       CONTROL
PRINT STOP RPS            [rosid.]ROSCMD.PRIV.RPS.PRINT.START       CONTROL
QUERY ALLOCATE ...        [rosid.]ROSCMD.PRIV.ETSO.QUERY.ALLOCATE   READ
QUERY CALL ...            [rosid.]ROSCMD.PRIV.ETSO.QUERY.CALL       READ
RCSTRACE ...              [rosid.]ROSCMD.PRIV.OPER.RCSTRACE         CONTROL
RENAME pfx.mem            [rosid.]ROSCMD.PRIV.ROSLIB                UPDATE
ROZAP nnn                 [rosid.]ROSCMD.PRIV.OPER.ROZAP.MONPAUSE   CONTROL
ROZAP ABEND               [rosid.]ROSCMD.PRIV.OPER.ROZAP.ABEND      CONTROL
ROZAP DUMP                [rosid.]ROSCMD.PRIV.OPER.ROZAP.DUMP       CONTROL
ROZAP FLUSH ...           [rosid.]ROSCMD.PRIV.OPER.ROZAP.FLUSH      CONTROL
ROZAP LOCK                [rosid.]ROSCMD.PRIV.OPER.ROZAP.LOCK       CONTROL
ROZAP NOSIGNON            [rosid.]ROSCMD.PRIV.OPER.ROZAP.SIGNON     CONTROL
ROZAP NOSUBMIT            [rosid.]ROSCMD.PRIV.OPER.ROZAP.SUBMIT     CONTROL
ROZAP REFRESH UPS         [rosid.]ROSCMD.PRIV.OPER.ROZAP.REFRESH    CONTROL
ROZAP RELOAD              [rosid.]ROSCMD.PRIV.OPER.ROZAP.RELOAD     CONTROL
ROZAP SHUTDOWN ...        [rosid.]ROSCMD.PRIV.OPER.ROZAP.SHUTDOWN   CONTROL
ROZAP SIGNON              [rosid.]ROSCMD.PRIV.OPER.ROZAP.SIGNON     CONTROL
ROZAP SUBMIT              [rosid.]ROSCMD.PRIV.OPER.ROZAP.SUBMIT     CONTROL
ROZAP UNLOCK              [rosid.]ROSCMD.PRIV.OPER.ROZAP.LOCK       CONTROL
ROZAP VTRACE ...          [rosid.]ROSCMD.PRIV.OPER.ROZAP.VTRACE     CONTROL
RTM DISPLAY               [rosid.]ROSCMD.PRIV.ACCT.RTM.DISPLAY      CONTROL
RTM EXCL                  [rosid.]ROSCMD.PRIV.ACCT.RTM.INCL         CONTROL
RTM INCL                  [rosid.]ROSCMD.PRIV.ACCT.RTM.INCL         CONTROL
RTM LIST                  [rosid.]ROSCMD.PRIV.ACCT.RTM.LIST         CONTROL
RTM OFF                   [rosid.]ROSCMD.PRIV.ACCT.RTM.ON           CONTROL
RTM ON                    [rosid.]ROSCMD.PRIV.ACCT.RTM.ON           CONTROL
RUN mon                   [rosid.]ROSCMD.MONITOR.mon                READ
SAVE pfx.mem              [rosid.]ROSCMD.PRIV.ROSLIB                UPDATE
UPDATE pfx.mem            [rosid.]ROSCMD.PRIV.ROSLIB                UPDATE


2.1.2.2 Advantage CA-Roscoe External Resources

Table 2-4. Advantage CA-Roscoe Resource Names

ROSRES Class Resource Name                Command                     Attr
[rosid.]ROSCMD.ETSO.program               CALL program (TSO program)  READ
[rosid.]ROSCMD.ETSO.ROSTMP                CALL ROSTMP                 READ
[rosid.]ROSCMD.MONITOR.mon                RUN mon                     READ
[rosid.]ROSCMD.PRIV.ACCT.ACCT.BUFFERS     ACCT BUFFERS                CONTROL
                                          OPERATOR ACCT BUFFERS
[rosid.]ROSCMD.PRIV.ACCT.ACCT.FILES       ACCT FILES                  CONTROL
                                          OPERATOR ACCT FILES
[rosid.]ROSCMD.PRIV.ACCT.ACCT.ROSCOE      ACCT ROSCOE ON              CONTROL
                                          OPERATOR ACCT ROSCOE ON
[rosid.]ROSCMD.PRIV.ACCT.ACCT.SMF         ACCT SMF ON                 CONTROL
                                          OPER ACCT SMF ON
[rosid.]ROSCMD.PRIV.ACCT.ACCT.STATUS      ACCT STATUS                 CONTROL
                                          OPERATOR ACCT STATUS
[rosid.]ROSCMD.PRIV.ACCT.ACCT.SWITCH      ACCT SWITCH                 CONTROL
                                          OPERATOR ACCT SWITCH
[rosid.]ROSCMD.PRIV.ACCT.RTM.DISPLAY      RTM DISPLAY                 CONTROL
                                          OPERATOR RTM DISPLAY
[rosid.]ROSCMD.PRIV.ACCT.RTM.INCL         RTM INCL                    CONTROL
                                          RTM EXCL
                                          OPERATOR RTM EXCL
                                          OPERATOR RTM INCL
[rosid.]ROSCMD.PRIV.ACCT.RTM.LIST         RTM LIST                    CONTROL
                                          OPERATOR RTM LIST
[rosid.]ROSCMD.PRIV.ACCT.RTM.ON           RTM OFF                     CONTROL
                                          RTM ON
                                          OPERATOR RTM OFF
                                          OPERATOR RTM ON
[rosid.]ROSCMD.PRIV.ETSO.CANCEL           CANCEL KEY=                 CONTROL
[rosid.]ROSCMD.PRIV.ETSO.FREE             FREE ... KEY=               CONTROL
[rosid.]ROSCMD.PRIV.ETSO.QUERY.ALLOCATE   QUERY ALLOCATE ...          READ
[rosid.]ROSCMD.PRIV.ETSO.QUERY.CALL       QUERY CALL                  READ
[rosid.]ROSCMD.PRIV.OPER.DEBUG.ADD        DEBUG ADD                   CONTROL
                                          DEBUG DELETE
[rosid.]ROSCMD.PRIV.OPER.DEBUG.ANY        DEBUG ANY                   CONTROL
                                          DEBUG ONLY
[rosid.]ROSCMD.PRIV.OPER.DEBUG.C          DEBUG Cx                    CONTROL
[rosid.]ROSCMD.PRIV.OPER.DEBUG.D          DEBUG Dx                    CONTROL
[rosid.]ROSCMD.PRIV.OPER.DEBUG.LAST       DEBUG LAST                  CONTROL
[rosid.]ROSCMD.PRIV.OPER.DEBUG.NAME       DEBUG NAME                  CONTROL
[rosid.]ROSCMD.PRIV.OPER.DEBUG.NEW        DEBUG NEW                   CONTROL
[rosid.]ROSCMD.PRIV.OPER.DEBUG.SDUMP      DEBUG NOSDUMP               CONTROL
                                          DEBUG SDUMP
[rosid.]ROSCMD.PRIV.OPER.DEBUG.SPACE      DEBUG SIZE                  CONTROL
                                          DEBUG SPACE
[rosid.]ROSCMD.PRIV.OPER.DEBUG.SPIE       DEBUG SPIE                  CONTROL
[rosid.]ROSCMD.PRIV.OPER.DEBUG.SUBTST     DEBUG NOSUBTST              CONTROL
                                          DEBUG SUBTST
[rosid.]ROSCMD.PRIV.OPER.LIBCACHE.ON      LIBCACHE OFF                CONTROL
                                          LIBCACHE ON
[rosid.]ROSCMD.PRIV.OPER.LIBCACHE.PURGE   LIBCACHE PURGE              CONTROL
[rosid.]ROSCMD.PRIV.OPER.MESSAGE                                      CONTROL
[rosid.]ROSCMD.PRIV.OPER.OPER.INTERVAL    OPERATOR INTERVAL           CONTROL
[rosid.]ROSCMD.PRIV.OPER.OPER.LERPRT      OPERATOR LERPRT             CONTROL
[rosid.]ROSCMD.PRIV.OPER.OPER.MESSAGES    OPERATOR MESSAGES           CONTROL
                                          OPERATOR NOMSGS
[rosid.]ROSCMD.PRIV.OPER.OPER.NETSTAT     OPERATOR NETSTAT            READ
[rosid.]ROSCMD.PRIV.OPER.OPER.OFF         OPERATOR OFF ...            CONTROL
[rosid.]ROSCMD.PRIV.OPER.OPER.RESTART     OPERATOR RESTART ...        CONTROL
[rosid.]ROSCMD.PRIV.OPER.OPER.RETRY                                   CONTROL
[rosid.]ROSCMD.PRIV.OPER.OPER.ROSLOG      OPERATOR NOROSLOG           CONTROL
                                          OPERATOR ROSLOG
[rosid.]ROSCMD.PRIV.OPER.OPER.SEND        OPERATOR NOSEND             CONTROL
                                          OPERATOR SEND ...
[rosid.]ROSCMD.PRIV.OPER.OPER.SPOOL       OPERATOR SPOOL              CONTROL
[rosid.]ROSCMD.PRIV.OPER.OPER.STATUS      OPERATOR STATUS             READ
[rosid.]ROSCMD.PRIV.OPER.OPER.STATUSX     OPERATOR STATUSX            READ
[rosid.]ROSCMD.PRIV.OPER.OPER.STOP        OPERATOR STOP LINE=...      CONTROL
[rosid.]ROSCMD.PRIV.OPER.OPER.VTAM        OPERATOR VTAM ...           CONTROL
[rosid.]ROSCMD.PRIV.OPER.PEEK             PEEK function               READ
[rosid.]ROSCMD.PRIV.OPER.RCSTRACE         RCSTRACE ...                CONTROL
[rosid.]ROSCMD.PRIV.OPER.ROZAP.ABEND      ROZAP ABEND                 CONTROL
[rosid.]ROSCMD.PRIV.OPER.ROZAP.DUMP       ROZAP DUMP                  CONTROL
[rosid.]ROSCMD.PRIV.OPER.ROZAP.ENABLE     ROZAP DISABLE               CONTROL
                                          ROZAP ENABLE
[rosid.]ROSCMD.PRIV.OPER.ROZAP.FLUSH      OPERATOR FLUSH ...          CONTROL
                                          ROZAP FLUSH
[rosid.]ROSCMD.PRIV.OPER.ROZAP.LOCK       ROZAP LOCK                  CONTROL
                                          ROZAP UNLOCK
[rosid.]ROSCMD.PRIV.OPER.ROZAP.REFRESH    OPERATOR REFRESH UPS        CONTROL
                                          ROZAP REFRESH UPS
[rosid.]ROSCMD.PRIV.OPER.ROZAP.RELOAD     ROZAP RELOAD                CONTROL
[rosid.]ROSCMD.PRIV.OPER.ROZAP.SHUTDOWN   OPER SHUTDOWN ...           CONTROL
                                          ROZAP SHUTDOWN ...
[rosid.]ROSCMD.PRIV.OPER.ROZAP.SIGNON     OPERATOR NOSIGNON           CONTROL
                                          OPERATOR SIGNON
                                          ROZAP NOSIGNON
                                          ROZAP SIGNON
[rosid.]ROSCMD.PRIV.OPER.ROZAP.SUBMIT     OPERATOR NOSUBMIT           CONTROL
                                          OPERATOR SUBMIT
                                          ROZAP NOSUBMIT
                                          ROZAP SUBMIT
[rosid.]ROSCMD.PRIV.OPER.ROZAP.VTRACE     ROZAP VTRACE ...            CONTROL
[rosid.]ROSCMD.PRIV.ROSLIB                ALTER pfx.mem               UPDATE
[rosid.]ROSCMD.PRIV.ROSLIB                ATTACH pfx.mem              UPDATE
[rosid.]ROSCMD.PRIV.ROSLIB                DELETE pfx.mem              UPDATE
[rosid.]ROSCMD.PRIV.ROSLIB                FETCH pfx.mem               UPDATE
[rosid.]ROSCMD.PRIV.ROSLIB                RENAME pfx.mem              UPDATE
[rosid.]ROSCMD.PRIV.ROSLIB                SAVE pfx.mem                UPDATE
[rosid.]ROSCMD.PRIV.ROSLIB                UPDATE pfx.mem              UPDATE
[rosid.]ROSCMD.PRIV.ROSUPS                EXEC UPSMNTnn               UPDATE
[rosid.]ROSCMD.PRIV.RPS.PRINT.CANCEL      PRINT CANCEL ...            CONTROL
[rosid.]ROSCMD.PRIV.RPS.PRINT.HOLD        PRINT HOLD ...              CONTROL
                                          PRINT RELEASE ...
[rosid.]ROSCMD.PRIV.RPS.PRINT.MOD         PRINT MOD ...               CONTROL
[rosid.]ROSCMD.PRIV.RPS.PRINT.ROUTE       PRINT ROUTE ...             CONTROL
[rosid.]ROSCMD.PRIV.RPS.PRINT.START       OPERATOR RPS ...            CONTROL
                                          PRINT RESTART RPS ...
                                          PRINT START RPS ...
                                          PRINT STOP RPS ...
[rosid.]ROSCMD.RPF.pfx.mem                EXEC pfx.mem                READ
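The resource-name scheme of this chapter as a small Python model, added here as an example and not part of the guide: it applies the rosid prefix only when RESHLQ=ROSID (section 2.1), translates attributes per Table 2-2, and, for the commands a role needs, lists every other command the same ROSRES resource also permits, since Table 2-4 shows that ROZAP SIGNON and ROZAP NOSIGNON, or the ROSLIB commands, are one resource. The rosid ROSA and the role are constructed; the embedded table is an excerpt of Table 2-3.

```python
"""Added example: a model of the ROSRES resource-name scheme of Chapter 2.

Not part of the guide.  An excerpt of Table 2-3 and the Table 2-2 attribute
translation are transcribed; the rosid ROSA used in __main__ is constructed.
"""
from collections import defaultdict

# Excerpt of Table 2-3: (command, ROSRES resource name without rosid, attribute).
TABLE_2_3 = [
    ("ROZAP SIGNON",      "ROSCMD.PRIV.OPER.ROZAP.SIGNON", "CONTROL"),
    ("ROZAP NOSIGNON",    "ROSCMD.PRIV.OPER.ROZAP.SIGNON", "CONTROL"),
    ("OPERATOR SIGNON",   "ROSCMD.PRIV.OPER.ROZAP.SIGNON", "CONTROL"),
    ("OPERATOR NOSIGNON", "ROSCMD.PRIV.OPER.ROZAP.SIGNON", "CONTROL"),
    ("ROZAP LOCK",        "ROSCMD.PRIV.OPER.ROZAP.LOCK",   "CONTROL"),
    ("ROZAP UNLOCK",      "ROSCMD.PRIV.OPER.ROZAP.LOCK",   "CONTROL"),
    ("RTM INCL",          "ROSCMD.PRIV.ACCT.RTM.INCL",     "CONTROL"),
    ("RTM EXCL",          "ROSCMD.PRIV.ACCT.RTM.INCL",     "CONTROL"),
    ("ALTER pfx.mem",     "ROSCMD.PRIV.ROSLIB",            "UPDATE"),
    ("DELETE pfx.mem",    "ROSCMD.PRIV.ROSLIB",            "UPDATE"),
    ("FETCH pfx.mem",     "ROSCMD.PRIV.ROSLIB",            "UPDATE"),
    ("SAVE pfx.mem",      "ROSCMD.PRIV.ROSLIB",            "UPDATE"),
    ("UPDATE pfx.mem",    "ROSCMD.PRIV.ROSLIB",            "UPDATE"),
    ("EXEC pfx.mem",      "ROSCMD.RPF.pfx.mem",            "READ"),
    ("CALL program",      "ROSCMD.ETSO.program",           "READ"),
    ("RUN mon",           "ROSCMD.MONITOR.mon",            "READ"),
    ("PEEK function",     "ROSCMD.PRIV.OPER.PEEK",         "READ"),
]

# Table 2-2: guide attribute -> attribute expected by each external system.
TABLE_2_2 = {
    "ACF2":      {"CONTROL": "DELETE",  "READ": "READ", "UPDATE": "UPDATE"},
    "TOPSECRET": {"CONTROL": "CONTROL", "READ": "READ", "UPDATE": "UPDATE"},
    "RACF":      {"CONTROL": "CONTROL", "READ": "READ", "UPDATE": "UPDATE"},
}

COMMAND_TO_RESOURCE = {cmd: (res, attr) for cmd, res, attr in TABLE_2_3}
RESOURCE_TO_COMMANDS = defaultdict(set)
for _cmd, _res, _attr in TABLE_2_3:
    RESOURCE_TO_COMMANDS[_res].add(_cmd)


def resource_name(resource, rosid=None, reshlq_rosid=False):
    """Resource name as it appears in the security call (section 2.1).

    The rosid prefix is present only when the initialization parameter
    RESHLQ=ROSID was specified; it lets a site that runs several Advantage
    CA-Roscoe systems protect each of them separately.
    """
    if not reshlq_rosid:
        return resource
    if not rosid:
        raise ValueError("RESHLQ=ROSID requires a rosid")
    return f"{rosid}.{resource}"


def external_attr(attr, esm):
    """Translate a guide attribute per Table 2-2 (CONTROL is DELETE in ACF2)."""
    return TABLE_2_2[esm][attr]


def implied_commands(command):
    """All commands that share the ROSRES resource of `command`.

    A permit on the resource allows every one of them, so permitting
    ROZAP SIGNON also permits ROZAP NOSIGNON, OPERATOR SIGNON and
    OPERATOR NOSIGNON.
    """
    resource, _ = COMMAND_TO_RESOURCE[command]
    return set(RESOURCE_TO_COMMANDS[resource])


def excess_grants(commands):
    """Commands a role could issue beyond the ones it actually asked for."""
    requested = set(commands)
    granted = set()
    for cmd in requested:
        granted |= implied_commands(cmd)
    return granted - requested


def plan_grants(commands, esm, rosid=None, reshlq_rosid=False):
    """Resource name to define -> (external attribute, all commands it allows)."""
    plan = {}
    for cmd in commands:
        resource, attr = COMMAND_TO_RESOURCE[cmd]
        name = resource_name(resource, rosid, reshlq_rosid)
        plan[name] = (external_attr(attr, esm),
                      sorted(RESOURCE_TO_COMMANDS[resource]))
    return plan


if __name__ == "__main__":
    # Constructed role: a library administrator on the system with rosid ROSA.
    wanted = ["FETCH pfx.mem", "ROZAP SIGNON"]
    for name, (attr, allowed) in plan_grants(wanted, "ACF2", "ROSA", True).items():
        print(f"{name:40} {attr:7} allows {', '.join(allowed)}")
    print("granted beyond request:", sorted(excess_grants(wanted)))
```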


Chapter 3. Controlling Advantage CA-Roscoe With eTrust CA-ACF2

This chapter discusses protecting your Advantage CA-Roscoe system with eTrust CA-ACF2. eTrust CA-ACF2 is one of two access control software products from Computer Associates described in this guide. eTrust CA-Top Secret is described in Chapter 4, “Controlling Advantage CA-Roscoe With eTrust CA-Top Secret” on page 4-1.

This chapter describes:

■ Requirements your system must meet before you can implement eTrust CA-ACF2 security with Advantage CA-Roscoe.

■ Writing eTrust CA-ACF2 rules to protect disks and files that are used with Advantage CA-Roscoe.

The eTrust CA-ACF2 Other Products Guide documents an eTrust CA-ACF2 interface for older versions of Advantage CA-Roscoe. Some of the information presented there may be helpful in understanding the relationship between eTrust CA-ACF2 and Advantage CA-Roscoe.


3.1 Prerequisites

Before you can implement eTrust CA-ACF2 external security for Advantage CA-Roscoe, the following conditions must be met:

■ You must be running eTrust CA-ACF2 Release 6.0 or higher.

■ An eTrust CA-ACF2 logonid must be defined for Advantage CA-Roscoe. The Advantage CA-Roscoe logonid must have the following attributes (see the chapter, Maintaining Logonid Records, in the eTrust CA-ACF2 Administrator Guide for further information on creating eTrust CA-ACF2 logonids):

  JOBFROM
  MUSASS
  NON-CNCL or MAINT
  NO-SMC

■ Advantage CA-Roscoe requests resource validations on behalf of the users it services. It uses the ROSRES resource class for validation. The eight-character SAF resource class is translated into a three-character eTrust CA-ACF2 Resource Type Code. The translation between the resource class and resource type is described in the eTrust CA-ACF2 CLASMAP GSO (Global System Options) record. If no CLASMAP record is defined, the default resource type code will be ROS. (See the chapter on Maintaining Global System Options Records in the eTrust CA-ACF2 Administrator Guide for further information about creating the CLASMAP record.)

■ If you write any masked resource rules for Advantage CA-Roscoe commands, you must have a resident directory for the rule type. Use the eTrust CA-ACF2 INFODIR GSO record to indicate to eTrust CA-ACF2 which infostorage rule directories are to be built. (See the chapter on Maintaining Global System Options Records in the eTrust CA-ACF2 Administrator Guide for further information on the INFODIR record.)


3.2 Writing eTrust CA-ACF2 Rules

eTrust CA-ACF2 protects Advantage CA-Roscoe commands by default. In other words, you must write a rule permitting a certain command to be performed. If no rule exists, the command cannot be performed.

The syntax for writing eTrust CA-ACF2 rules is

$KEY(func)
$TYPE(rsrc-code)
UID(uidmask) permission

— or —

$KEY(func) TYPE(rsrc-code)
UID(uidmask) permission

where

$KEY(func)       indicates the resource name being protected. func is the specific Advantage CA-Roscoe command to be protected. Refer to Chapter 2, “Resource Names” on page 2-1, for a list of valid Advantage CA-Roscoe commands. You may use masking for the func value.

TYPE(rsrc-code)  is the resource type code. The default is ROS.

UID(uidmask)     is the mask that defines the users permitted or denied the authority to use Advantage CA-Roscoe commands.

permission       specifies the type of permission that applies to the users indicated in the rule. Valid permissions are shown below.

Allow    The user is allowed to perform the specified command.

Log      The user is allowed to perform the specified command, but the event is logged.

Prevent  The user is not allowed to perform the command.

For more information about masking and writing rules for eTrust CA-ACF2, refer to the chapter on Maintaining Resource Rules in the eTrust CA-ACF2 Administrator Guide.


3.3 Examples

The following examples show eTrust CA-ACF2 rules used to protect Advantage CA-Roscoe. The first is required for the Advantage CA-Roscoe job; the second is an example of specific command protection for an Advantage CA-Roscoe user; the third is recommended for distributed Advantage CA-Roscoe RPFs.

1. This is an example of an eTrust CA-ACF2 rule to allow an Advantage CA-Roscoe user (USER1) to issue the ROZAP Operator commands.

$KEY([rosid.]ROSCMD.PRIV.OPER.ROZAP) TYPE(ROS)
UID(USER1) SERVICE(READ) ALLOW

2. This is an example of an eTrust CA-ACF2 rule to prevent an Advantage CA-Roscoe user (USER2) from using all ETSO services.

$KEY([rosid.]ROSCMD.ETSO.ROSTMP) TYPE(ROS)
UID(USER2) SERVICE(READ) PREVENT

3. The Advantage CA-Roscoe Help Facility and Tutorial are distributed as RPFs in product distribution libraries. It is recommended that all RPFs provided in the product distribution libraries be placed into an RPF library that can be made available to all users. Then, to enable access to the HELP Facility, the Tutorial facility, and the RPF library, while protecting all other libraries, implement the following rules:

$KEY([rosid.]ROSCMD.RPF.helppfx.)
UID(*) SERVICE(READ) ALLOW

$KEY([rosid.]ROSCMD.RPF.tutrpfx.)
UID(*) SERVICE(READ) ALLOW

$KEY([rosid.]ROSCMD.RPF.execpfx.)
UID(*) SERVICE(READ) ALLOW

where helppfx and tutrpfx are the Advantage CA-Roscoe account prefixes for the HELP facility and the Tutorial, respectively. execpfx refers generically to the prefix of any account from which RPFs are executed.

See the Advantage CA-Roscoe System Reference Guide for a list and description of additional distributed accounts that should be considered and may be included with those listed above.


Chapter 4. Controlling Advantage CA-Roscoe With eTrust CA-Top Secret

This chapter discusses protecting your system and your Advantage CA-Roscoe software with eTrust CA-Top Secret.

This chapter describes the prerequisites necessary to implement eTrust CA-Top Secret security on your system with Advantage CA-Roscoe. It also explains how to write eTrust CA-Top Secret rules to protect Advantage CA-Roscoe commands.

See the eTrust CA-Top Secret Other Interfaces Implementation Guide for complete information.


4.1 Prerequisites

Before you can implement eTrust CA-Top Secret security for Advantage CA-Roscoe, you must meet the following conditions:

■ eTrust CA-Top Secret MVS Release 4.3 or above should be installed on your MVS system.

■ The CAS9SEC module and the CAS9TS42 translator module must be available to Advantage CA-Roscoe.

■ Review the ACFEXIT, which is documented in the Advantage CA-Roscoe Extended Facilities for System Programmers Guide. This exit is used for sign-on security. The eTrust CA-Top Secret distributed ACFEXIT uses the second qualifier of the Advantage CA-Roscoe userid (if there is more than one qualifier) for sign-on verification. (The default ACFEXIT distributed by Advantage CA-Roscoe 6.0 uses the first qualifier.)

■ Read the eTrust CA-Top Secret Other Interfaces Implementation Guide for complete details of the eTrust CA-Top Secret/Advantage CA-Roscoe interface relationship.

■ Protect the Advantage CA-Roscoe commands you choose to control by one of the following methods:

1. Define individual Advantage CA-Roscoe commands to the eTrust CA-Top Secret security database, as follows:

TSS ADDto(acid) rescl(resname)

where:

ADDto    can be specified as ADDTO or ADD.

acid     is the defined TSS accessor ID; usually the accessor ID of a department (TYPE(DEPT)) or division (TYPE(DIV)).

rescl    is the eTrust CA-Top Secret resource class to be protected. For Advantage CA-Roscoe commands the resource class is ROSRES.

resname  is the name (or entity) of the resource within the specified class. This is the Advantage CA-Roscoe command to be defined to the security database. For Advantage CA-Roscoe, this will be ROSCMD or the rosid value.


2. Protect all Advantage CA-Roscoe commands generically by defining the product's ROSRES command prefixes and ROSCMD (the default) to the database with a command such as:

TSS ADD(deptacid) ROSRES(ROSCMD)

and if RESHLQ=ROSID in the Advantage CA-Roscoe SYSIN stream, then

TSS ADD(deptacid) ROSRES(rosid)

3. Assign default protection (DEFPROT) to the ROSRES resource class. This will allow product internal security to be overridden for all ROSRES commands regardless of whether they are defined to the database. That is, all commands will be implicitly protected. You must then define either the individual command or the command prefix as shown above before their use can be authorized.

Note that assigning default protection provides maximum security for your installation.

You may already have assigned default protection to this resource class. To find out, issue the command:

TSS LIST(RDT) RESCLASS(ROSRES)

Default protection may be assigned by the following command:

TSS REPLACE(RDT) RESCLASS(ROSRES) ATTR(DEFPROT)

Refer to the eTrust CA-Top Secret TSS Command Functions Guide for additional information on TSS commands.

4. Any started task not defined to the STC table in TSS will use the acid for the default. Define the RSASR60 started task to the STC table with an acid of *BYPASS* using the following command:

TSS ADD(STC) PROC(RSASR60) ACID(*BYPASS*)

■ The High Level Qualifier for the Advantage CA-Roscoe ROSCMD security resource must be owned by an ACID to allow the execution of privileged commands. Advantage CA-Roscoe will deny access to privileged commands unless the commands have been permitted to the user.


4.2 eTrust CA-Top Secret Cross-Authorizations

Cross-authorizations grant users access to resources from logon until logoff. Cross-authorizations are established through the TSS PERMIT command.

The TSS PERMIT command syntax for cross-authorizing ROSRES resources is:

TSS PERMIT(acid) ROSRES(func) ACCESS(access) ACTION(actions)

where:

acid     Is the accessor ID of the user that you want to permit to execute the command.

func     Is the resource name (command) prefix to be cross-authorized.

access   Is the definition for access.

actions  Optionally specifies special actions to be taken.

Actions commonly used include:

AUDIT  Permits access but records all usage in the Audit/Tracking File.
DENY   Explicitly denies this user access to the resource.
FAIL   Used with DENY, denies access in all modes.

You can use one command to let a user execute more than one Advantage CA-Roscoe command (up to a maximum of five commands per entry). You may also use generic prefixing to specify commands. For example, the rule below lets user USER2 issue the ROZAP FLUSH command.

TSS PERMIT(USER2) ROSRES([rosid.]ROSCMD.PRIV.OPER.ROZAP.FLUSH) ACCESS(CONTROL)

Refer to Chapter 2, “Resource Names” on page 2-1 for additional information about Advantage CA-Roscoe commands, resource types, and actions.

Permissions may also be grouped in profiles that can be shared by more than one user. The following example shows the creation of a profile, with the ACID ROSPRIV, which will be given to Advantage CA-Roscoe administrators. All users possessing the ROSPRIV profile will inherit the access permissions of the profile. In our example, USER1 is the first user to be ADDed to the ROSPRIV profile.

TSS CREATE(ROSPRIV) TYPE(PROFILE) DEPT(SYSPROG) NAME('CA-ROSCOE ADMINISTRATOR')
TSS PERMIT(ROSPRIV) ROSRES([rosid.]ROSCMD.PRIV) ACCESS(READ)
TSS ADDTO(USER1) PROFILE(ROSPRIV)

The example above will allow USER1 to execute all privileged commands.


4.3 RPF Security

1. To enable all users within Advantage CA-Roscoe to execute RPFs, the following PERMIT should be used:

TSS PERMIT(ALL) ROSRES([rosid.]ROSCMD.RPF.) ACCESS(READ)

Example:

To allow only Advantage CA-Roscoe user (USER4) to execute the RPF ABC.INVENT, specify the following TSS rule:

TSS PERMIT(ALL) ROSRES([rosid.]ROSCMD.RPF.ABC.INVENT) ACCESS(NONE)
TSS PERMIT(USER4) ROSRES([rosid.]ROSCMD.RPF.ABC.INVENT) ACCESS(READ)

The first PERMIT above denies access to the ABC.INVENT RPF for all users. The second PERMIT allows access to the ABC.INVENT RPF for user (USER4).

2. The Advantage CA-Roscoe Help Facility and Tutorial are distributed as RPFs in product distribution libraries. It is recommended that all RPFs provided in the product distribution libraries be placed into an RPF library that can be made available to all users. Then, to enable access to the Help Facility, the Tutorial facility, and the RPF library, while protecting all other libraries, implement the following rules:

TSS PERMIT(ALL) ROSRES([rosid.]ROSCMD.RPF.helppfx.) ACCESS(READ)
TSS PERMIT(ALL) ROSRES([rosid.]ROSCMD.RPF.tutrpfx.) ACCESS(READ)
TSS PERMIT(ALL) ROSRES([rosid.]ROSCMD.RPF.execpfx.) ACCESS(READ)

where helppfx and tutrpfx are the Advantage CA-Roscoe account prefixes for the Help facility and the Tutorial facility, respectively. execpfx refers generically to the prefix of any account from which RPFs are executed.

See the Advantage CA-Roscoe System Reference Guide for a list and description of additional distributed accounts that should be considered and may be included with those listed above.

For additional information on writing rules, refer to the eTrust CA-Top Secret TSS Command Functions Guide.
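A simplified evaluator for the PERMITs of sections 4.2 and 4.3, added here as an example and not part of the guide: it parses TSS PERMIT lines, resolves the most specific (longest) matching resource prefix, and checks the user's own ACID, then the profiles ADDed to the user, then the ALL record. That search order and the rosid ROSA are assumptions made for the example, not a description of eTrust CA-Top Secret internals.

```python
"""Added example: a simplified model of how ROSRES PERMITs resolve.

Not part of the guide.  Assumed search order: the user's own ACID, then each
profile ADDed to the user, then the ALL record; within one ACID the longest
matching resource prefix wins.  The rosid ROSA and the PERMIT lines are
constructed for the example.
"""
import re
from dataclasses import dataclass

PERMIT_RE = re.compile(
    r"TSS\s+PERMIT\((\w+)\)\s+ROSRES\(([^)\s]+)\)\s+ACCESS\((\w+)\)", re.I)
ACCESS_RANK = {"NONE": 0, "READ": 1, "UPDATE": 2, "CONTROL": 3}


@dataclass(frozen=True)
class Permit:
    acid: str       # user ACID, profile ACID, or ALL
    resource: str   # full ROSRES resource name or a generic prefix
    access: str     # NONE, READ, UPDATE or CONTROL


def parse_permits(text):
    """Parse TSS PERMIT(acid) ROSRES(res) ACCESS(level) lines (ACTION() not modelled)."""
    permits = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = PERMIT_RE.fullmatch(line)
        if m is None:
            raise ValueError(f"unrecognised PERMIT: {line}")
        acid, resource, access = (g.upper() for g in m.groups())
        if access not in ACCESS_RANK:
            raise ValueError(f"unknown ACCESS level: {access}")
        permits.append(Permit(acid, resource, access))
    return permits


def best_match(permits, acid, resource):
    """Most specific permit held by `acid` whose resource is a prefix of `resource`."""
    hits = [p for p in permits
            if p.acid == acid and resource.startswith(p.resource)]
    return max(hits, key=lambda p: len(p.resource), default=None)


def effective_access(user, resource, permits, profiles):
    """Access level `user` ends up with, or None when no permit matches.

    With DEFPROT on ROSRES (section 4.1) an undefined resource is implicitly
    protected, so None means the command is denied.
    """
    for acid in [user, *profiles.get(user, []), "ALL"]:
        hit = best_match(permits, acid, resource)
        if hit is not None:
            return hit.access
    return None


def authorized(user, resource, required, permits, profiles):
    """True when the effective level covers the attribute Table 2-3 requires."""
    got = effective_access(user, resource, permits, profiles)
    return got is not None and ACCESS_RANK[got] >= ACCESS_RANK[required]


# Constructed rules: the section 4.2 and 4.3 examples with rosid ROSA (RESHLQ=ROSID).
SAMPLE_PERMITS = parse_permits("""
TSS PERMIT(ALL) ROSRES(ROSA.ROSCMD.RPF.) ACCESS(READ)
TSS PERMIT(ALL) ROSRES(ROSA.ROSCMD.RPF.ABC.INVENT) ACCESS(NONE)
TSS PERMIT(USER4) ROSRES(ROSA.ROSCMD.RPF.ABC.INVENT) ACCESS(READ)
TSS PERMIT(USER2) ROSRES(ROSA.ROSCMD.PRIV.OPER.ROZAP.FLUSH) ACCESS(CONTROL)
TSS PERMIT(ROSPRIV) ROSRES(ROSA.ROSCMD.PRIV) ACCESS(READ)
""")
# TSS ADDTO(USER1) PROFILE(ROSPRIV) from section 4.2, expressed as data.
SAMPLE_PROFILES = {"USER1": ["ROSPRIV"]}


def can_exec_rpf(user, pfx_mem, permits=SAMPLE_PERMITS, profiles=SAMPLE_PROFILES):
    """EXEC pfx.mem needs READ on [rosid.]ROSCMD.RPF.pfx.mem (Table 2-3)."""
    return authorized(user, f"ROSA.ROSCMD.RPF.{pfx_mem}", "READ", permits, profiles)


if __name__ == "__main__":
    for user in ("USER4", "USER5"):
        print(user, "ABC.INVENT:", can_exec_rpf(user, "ABC.INVENT"),
              "XYZ.REPORT:", can_exec_rpf(user, "XYZ.REPORT"))
    print("USER2 ROZAP FLUSH:", authorized(
        "USER2", "ROSA.ROSCMD.PRIV.OPER.ROZAP.FLUSH", "CONTROL",
        SAMPLE_PERMITS, SAMPLE_PROFILES))
```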


Chapter 5. Controlling Advantage CA-Roscoe with RACF

This chapter discusses protecting your system and your Advantage CA-Roscoe software with IBM's RACF.

This chapter describes the prerequisites necessary to implement IBM's RACF security on your system with Advantage CA-Roscoe. It also explains how to write RACF rules to protect the commands of Advantage CA-Roscoe.

5.1 Prerequisites

Before you can implement RACF security for Advantage CA-Roscoe, you must be running RACF MVS Release 1.8 or higher.

5.2 Writing RACF Rules

■ The RACF resource class for Advantage CA-Roscoe commands is RO@RES.

■ Assemble the macros ICHERCDE and ICHRFRTB as follows:

[label] ICHERCDE CLASS=RO@RES,
        DFTUACC=NONE,
        FIRST=ANY,
        ID=nn,
        KEYQUAL=0,
        MAXLNTH=39,
        OPER=NO,
        OTHER=ANY,
        POSIT=nnn

[label] ICHRFRTB ACTION=RACF,
        CLASS=RO@RES

■ You must IPL for the above entries to become effective.

■ Define the following:

SETROPTS CLASSACT(RO@RES)
SETROPTS GENERIC(RO@RES)

RDEFINE RO@RES [rosid.]ROSCMD.ETSO UACC(NONE)
RDEFINE RO@RES [rosid.]ROSCMD.MONITOR UACC(NONE)
RDEFINE RO@RES [rosid.]ROSCMD.PRIV UACC(NONE)
RDEFINE RO@RES [rosid.]ROSCMD.PRIV.ROSLIB UACC(NONE)
RDEFINE RO@RES [rosid.]ROSCMD.PRIV.ROSUPS UACC(NONE)
RDEFINE RO@RES [rosid.]ROSCMD.RPF UACC(READ)

PERMIT [rosid.]ROSCMD.ETSO CLASS(RO@RES) ID(rosprof) ACCESS(access)
PERMIT [rosid.]ROSCMD.MONITOR CLASS(RO@RES) ID(rosprof) ACCESS(access)
PERMIT [rosid.]ROSCMD.PRIV CLASS(RO@RES) ID(rosprof) ACCESS(access)
PERMIT [rosid.]ROSCMD.PRIV.ROSLIB CLASS(RO@RES) ID(rosprof) ACCESS(access)
PERMIT [rosid.]ROSCMD.PRIV.ROSUPS CLASS(RO@RES) ID(rosprof) ACCESS(access)

RDEFINE RO@RES [rosid.]ROSCMD.* UACC(READ)
RDEFINE RO@RES [rosid.]ROSCMD.PRIV.* UACC(NONE)

■ Notes:

– The ID(rosprof) specified in the PERMIT statements is the ID of the Advantage CA-Roscoe job.

– The use of the default ID of STCUSER for the Advantage CA-Roscoe job will invalidate these resource calls because STCUSER is usually defined to bypass resource checking. This would give the Advantage CA-Roscoe job complete access to these resources, and make the external setting active for all of them.

– The RDEFINE for ROSCMD.RPF enables all users to execute RPFs.

– The Advantage CA-Roscoe Help Facility and Tutorial are distributed as RPFs in product distribution libraries. It is recommended that all RPFs provided in the product distribution libraries be placed into an RPF library that can be made available to all users. Then, to enable access to the HELP Facility, the Tutorial facility, and the RPF library, while protecting all other libraries, implement the following rules:

RDEFINE RO@RES [rosid.]ROSCMD.RPF.* UACC(NONE)
RDEFINE RO@RES [rosid.]ROSCMD.RPF.helppfx.* UACC(READ)
RDEFINE RO@RES [rosid.]ROSCMD.RPF.tutrpfx.* UACC(READ)
RDEFINE RO@RES [rosid.]ROSCMD.RPF.execpfx.* UACC(READ)

where helppfx and tutrpfx are the Advantage CA-Roscoe account prefixes for the Help facility and the Tutorial facility, respectively. execpfx refers generically to the prefix of any account from which RPFs are executed.

See the Advantage CA-Roscoe System Reference Guide for a list and description of additional distributed accounts that should be considered and may be included with those listed above.

5.2.1 Examples

■ This is an example of setting external RACF security for Advantage CA-Roscoe:

PERMIT [rosid.]ROSCMD.PRIV CLASS(RO@RES) ID(userprof) ACCESS(access)

■ This is an example of a RACF rule to allow an Advantage CA-Roscoe user (USER1) to issue the ROZAP FLUSH command.

PERMIT [rosid.]ROSCMD.PRIV.OPER.ROZAP.FLUSH CLASS(RO@RES) ID(USER1) ACCESS(CONTROL)

■ This is an example of a RACF rule to allow an Advantage CA-Roscoe user (USER2) to execute the RPF ABC.INVENT (INVENT is stored in another user's library that has the prefix of ABC).

RDEFINE RO@RES [rosid.]ROSCMD.RPF.ABC.INVENT UACC(NONE)
PERMIT [rosid.]ROSCMD.RPF.ABC.INVENT CLASS(RO@RES) ID(USER2) ACCESS(CONTROL)

The RDEFINE defines ROSCMD.RPF.ABC.INVENT with a global access of NONE. This prevents all users from executing the RPF ABC.INVENT. The PERMIT then allows USER2 to execute the RPF ABC.INVENT.
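The rules in 5.2 and 5.2.1 only work as intended because of how RACF chooses which profile governs a request: a discrete profile beats a generic one, the most specific generic wins, an access-list entry from a PERMIT beats the profile's UACC, and access levels are ordered. The following Python model is an added illustration written for this guide; it is not RACF's own algorithm and not Advantage CA-Roscoe code. It keeps only those four behaviours and ignores group access lists, SPECIAL and OPERATIONS, WARNING mode, the global access table and conditional access. The profiles are constructed from the RDEFINE and PERMIT rules above with rosid omitted; the prefix HELP (standing in for helppfx), the user IDs USER3 and ROSPROF, and ROSPROF's CONTROL level are sample values, not ones the chapter prescribes.

```python
"""Simplified model of RACF access resolution for a general resource class
such as RO@RES. Added illustration, not RACF's own algorithm."""

from dataclasses import dataclass, field

# RACF access levels from weakest to strongest.
ACCESS_LEVELS = ["NONE", "EXECUTE", "READ", "UPDATE", "CONTROL", "ALTER"]


@dataclass
class Profile:
    name: str                                   # e.g. "ROSCMD.RPF.*"
    uacc: str                                   # universal access for users not on the list
    acl: dict = field(default_factory=dict)     # userid -> access level (PERMIT entries)

    @property
    def generic(self) -> bool:
        return self.name.endswith(".*")

    def matches(self, resource: str) -> bool:
        """A trailing '.*' covers any resource with at least one more qualifier
        (the general-resource behaviour this model assumes); otherwise the
        name must match exactly (a discrete profile)."""
        if self.generic:
            prefix = self.name[:-1]             # keep the dot: "ROSCMD.RPF."
            return resource.startswith(prefix) and len(resource) > len(prefix)
        return resource == self.name


def best_profile(profiles, resource):
    """Pick the profile that governs the request: a discrete match first,
    otherwise the generic with the longest literal prefix (most specific)."""
    matches = [p for p in profiles if p.matches(resource)]
    if not matches:
        return None
    return max(matches, key=lambda p: (not p.generic, len(p.name.rstrip("*"))))


def effective_access(profiles, userid, resource):
    """Return (governing profile name, access level) for userid on resource.
    With no covering profile, real RACF reports 'not protected' (return
    code 4) and leaves the decision to the resource manager; this model
    simply fails closed."""
    profile = best_profile(profiles, resource)
    if profile is None:
        return None, "NONE"
    level = profile.acl.get(userid, profile.uacc)   # PERMIT entry beats UACC
    return profile.name, level


def is_allowed(profiles, userid, resource, requested="READ"):
    """True when the user's effective level is at least the requested one."""
    _, level = effective_access(profiles, userid, resource)
    return ACCESS_LEVELS.index(level) >= ACCESS_LEVELS.index(requested)


# Constructed profiles following the RDEFINE/PERMIT rules in 5.2 and 5.2.1.
# ROSPROF stands in for the Advantage CA-Roscoe job's ID (rosprof); its
# CONTROL level and the HELP prefix are sample values (assumptions).
ROSCOE_PROFILES = [
    Profile("ROSCMD.*", "READ"),
    Profile("ROSCMD.PRIV.*", "NONE"),
    Profile("ROSCMD.MONITOR", "NONE", {"ROSPROF": "CONTROL"}),
    Profile("ROSCMD.PRIV.ROSLIB", "NONE", {"ROSPROF": "CONTROL"}),
    Profile("ROSCMD.RPF", "READ"),                 # everyone may execute RPFs ...
    Profile("ROSCMD.RPF.*", "NONE"),               # ... but every library is closed ...
    Profile("ROSCMD.RPF.HELP.*", "READ"),          # ... except the Help library
    Profile("ROSCMD.RPF.ABC.INVENT", "NONE", {"USER2": "CONTROL"}),
]


if __name__ == "__main__":
    checks = [
        ("USER2", "ROSCMD.RPF.ABC.INVENT"),    # permitted by name
        ("USER3", "ROSCMD.RPF.ABC.INVENT"),    # discrete profile's UACC(NONE) applies
        ("USER3", "ROSCMD.RPF.HELP.MENU"),     # Help library is open to all
        ("USER3", "ROSCMD.RPF.XYZ.TOOL"),      # other libraries are closed
        ("USER3", "ROSCMD.PRIV.ROSUPS"),       # PRIV.* NONE beats ROSCMD.* READ
        ("ROSPROF", "ROSCMD.MONITOR"),         # the Roscoe job is on the access list
    ]
    for userid, resource in checks:
        name, level = effective_access(ROSCOE_PROFILES, userid, resource)
        verdict = "allowed" if is_allowed(ROSCOE_PROFILES, userid, resource) else "denied"
        print(f"{userid:8} {resource:24} via {name:24} -> {level:8} {verdict}")
```

Running the script shows why the order of the RDEFINEs does not matter but their specificity does: ROSCMD.RPF.ABC.INVENT is governed by its discrete profile even though ROSCMD.RPF.* and ROSCMD.* also match, and a request under ROSCMD.PRIV.* is denied although ROSCMD.* carries UACC(READ).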


Index

A
Access Attributes
    Description 2-3
Advantage CA-Roscoe Commands
    Controlling with eTrust CA-ACF2 3-1
    Controlling with eTrust CA-Top Secret 4-1
    Controlling with RACF 5-1
Advantage CA-Roscoe functions 2-1
Attributes
    Defining 2-3

C
CA-ACF2
    Prerequisites 3-2
    Rule Syntax 3-3
CAS9TS42 4-2
Command syntax
    eTrust CA-Top Secret 4-4
Controlling
    Advantage CA-Roscoe commands
        Using eTrust CA-ACF2 3-1
        Using eTrust CA-Top Secret 4-1
        Using RACF 5-1

E
eTrust CA-Top Secret
    CAS9TS42 4-2
    Command syntax 4-4
    Prerequisites 4-2
    Rule Syntax 4-4
    Security Database 4-2
External Security
    Defining Access 2-2
    Description 1-3
    Turning OFF 1-5

H
HELP
    RPF Security
        CA-ACF2 3-4
        eTrust CA-Top Secret 4-5
        RACF 5-4

I
ICHERCDE macro
    Defining RACF Security 5-3
ICHRFRTB macro
    Defining RACF Security 5-3
Initialization Parameters
    Using No External Security 1-5
Initialization Parameters, Advantage CA-Roscoe
    ACFEXT Defined 2-2
    CLLEXT Defined 2-2
    Description 2-2
    JOBEXT Defined 2-2
    LIBEXT Defined 2-2
    MONEXT Defined 2-2
    PRVEXT Defined 2-2
    RPFEXT Defined 2-2
    UPSEXT Defined 2-2
Internal Security
    Defining Access 2-2
    Description 1-2

P
Prerequisites
    CA-ACF2 3-2
    eTrust CA-Top Secret 4-2
    RACF 5-2

R
RACF
    Prerequisites 5-1
    Rule Syntax 5-3
Resource functions 2-1
RPF Security
    CA-ACF2 3-4
    eTrust CA-Top Secret 4-5
    RACF 5-4
Rules Syntax
    CA-ACF2 3-3
    eTrust CA-Top Secret 4-4
    RACF 5-3

S
Security Access
    Defining 2-2
Syntax Examples
    CA-ACF2 3-3
    eTrust CA-Top Secret 4-4
    RACF 5-3

T
TUTORIAL, Advantage CA-Roscoe
    RPF Security
        CA-ACF2 3-4
        eTrust CA-Top Secret 4-5
        RACF 5-4
