Two primary functions of the SMC are to influence MVS allocation to select devices compatible with tape volumes and to intercept MVS messages for tape mounts and dismounts to automate these operations for library and virtual drives. For scratch volumes, SMC allocation and mount processing are primarily based on user policies. You can use user exits to select policies. Additionally, the POLicy command may be issued at any time to add a new policy or replace the contents of an existing policy. The ESOTeric parameter can specify a list containing a maximum of eight esoterics.
|Published (Last):||10 April 2011|
DFSMS dfp. The following is a list of recommended reading material:
Control access to data on DASD. This operation takes the system out of an MLS configuration, and should be done only under controlled conditions, and with only trusted users on the system.
Control access to data on tape. Control access to temporary data sets. Protect ICF catalogs. A security administrator or the data owner must write access rules to permit other users access.
A security administrator must write access rules to permit users to access data on a secured volume.
Controlling Access to Data on Tape
For more information on writing access rules, see Access Rules. CA ACF2 also provides protection for tape data sets at the data-set-name level. However, your site must use a tape management product to use this feature.
Controlling Access to Temporary Data Sets
In an MLS system, access restrictions apply to temporary data sets. A temporary data set is a special data set created and deleted in the same job.
Unlike an ordinary non-temporary data set, it is not cataloged and has a system-generated name. Only the job that creates a temporary data set can access it for read, write or scratch purposes. In an MLS system, temporary data sets must be protected from unauthorized access and disclosure. The security administrator must do the following:
Define procedures for processing temporary data sets. A job can always access its own temporary data sets, and in general, other jobs cannot.
When a job ends, its temporary data sets are automatically deleted by the system. However, there are some cases where data sets may not be deleted:
If access to temporary data sets were restricted to just the creating job, these leftover data sets would never be deleted, and would stay around forever, taking up valuable space.
To prevent this, it is necessary to allow selected authorized users access to these data sets, so they can be deleted. A logging record is created for each access. If many temporary data sets must be deleted, it may be desirable to suppress logging for each deletion. Temporary data sets have names like:
Where yyddd is the Julian date, hhmmss is the time in hours, minutes, and seconds, and nnnnnnn is a sequence number.
A rule can be created giving authorized users access to data sets with these names. Notice that the key of the rule set is date-dependent, so a new rule must be created every day. This could be done automatically by means of a nightly-run job that created the rule for the next day.
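The nightly job described above has to work out tomorrow's date-dependent key, including the year rollover, and the same date arithmetic identifies leftover temporary data sets. This is an added example, not code from the CA ACF2 documentation; the name layout `SYSyyddd.Thhmmss.RA000.jobname.Rnnnnnnn`, the function names and the sample listing are assumptions made for illustration.

```python
import re
from datetime import date, timedelta

# ASSUMED layout of a system-generated temporary data set name (the page's own
# sample is missing): SYSyyddd.Thhmmss.RA000.jobname.Rnnnnnnn
TEMP_DSN = re.compile(
    r"^SYS(\d{2})(\d{3})\.T(\d{6})\.RA000\.([A-Z0-9#@$]{1,8})\.R(\d{7})$")

def rule_key(day):
    """Rule set key (high-level qualifier) for temp data sets created on `day`."""
    return day.strftime("SYS%y%j")  # %j is the zero-padded day of the year

def next_rule_key(today):
    """Key the nightly job must define before midnight; handles year rollover."""
    return rule_key(today + timedelta(days=1))

def created_on(dsn, today):
    """Creation date encoded in a temp data set name, or None if it is not one."""
    m = TEMP_DSN.match(dsn)
    if not m:
        return None
    yy, ddd = int(m.group(1)), int(m.group(2))
    # Two-digit year: take the latest matching year that is not after `today`.
    year = today.year - (today.year - yy) % 100
    if ddd < 1:
        return None
    day = date(year, 1, 1) + timedelta(days=ddd - 1)
    return day if day.year == year else None  # rejects day 366 of a non-leap year

def leftovers(dsns, today):
    """Temp data sets dated before `today` (assumed cleanup candidates), with key."""
    dated = ((dsn, created_on(dsn, today)) for dsn in dsns)
    return [(dsn, rule_key(day)) for dsn, day in dated if day and day < today]

# Constructed sample listing, not taken from any real system.
SAMPLE = [
    "SYS11100.T093015.RA000.PAYJOB.R0100042",   # today's, still owned by its job
    "SYS11097.T221144.RA000.BACKUP1.R0100007",  # three days old
    "SYS10365.T235959.RA000.YEAREND.R0100001",  # left from the previous year
    "PAYROLL.MASTER.DATA",                      # not a temporary data set
]

if __name__ == "__main__":
    today = date(2011, 4, 10)
    print("define tomorrow's rule set key:", next_rule_key(today))
    for dsn, key in leftovers(SAMPLE, today):
        print("leftover under key", key, "->", dsn)
```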
Protecting Integrated Catalog Facility Catalogs
Assigning Security Labels to Catalogs
This enables a user logged on with any security label to access the catalog based on the DAC access rules.
Access Rules for Catalogs
A security administrator must write access rules to control access to the catalogs. The security administrator must write access rules for the master catalog and the user catalogs. All system users should be given read access to the master catalog and only a limited number of users should be allowed to write to the master catalog.
Below is a sample rule:
Because catalog entries can be read by a job with any security label, users must be careful how they name their data sets.
People tend to create data set names that help them to remember the contents of their data sets. This can also reveal more information than was intended. PLANS listed in a catalog could fuel rumors and hurt employee morale, even if its contents could not be read.
Users should be cautioned to choose their data set names carefully. If sensitive data set or file names must be protected, a security administrator can hide the names of data sets and files.
Configure a Multilevel-Secure System.
Protect ICF catalogs: assign security label to catalogs, write access rules to control access, activate name-hiding (optional).
z/OS DFSMSdfp Storage Administration