IBM GC28-1920-01 manual Glossary, direction, access

A

active. See alsoutomatic password directionand

command

direction.

access .

The

ability

to

obtain the

use

of

a

protected

.

An

RRSF

function

that

resource.

automatic

direction

automatically directs commands and password-related

access

authority

.

An

authority

related

to

a

updates to one or more remote systems. See also

request

for

a type of

access

to

protected

automatic

command directionandautomatic password

resources. In

RACF,

the

access authorities are NONE, EXECUTE, READ,

direction.

UPDATE,

CONTROL,

and

ALTER.

automatic

password

direction

.

An

extension

of

accessor

environment

element

(ACEE)

.

A

password

synchronization

and

automatic

command

direction

that causes

RACF

to

automatically

change

description

of

the

current

user,

including

user

ID,

for

a

user

ID

on

one

or

more

remote no

current

connect

group, user

attributes,

and

password

group

the password

for that

user ID

is

changed

after

identification

and

verification.

direction are active. passwordSee also

ACEE .

Seeaccessor

environment

element.

synchronization,

automatic

command

direction, and

automatic

direction.

appropriate

privileges

.

In

the

OpenEdition

MVS

Cor

implementation, superuser authority. A trusted

privileged attribute is an attribute associated with a

started

procedure

address

space

and

with

any

process

.

A

coupling

facility

structure

that

associated

with

the

address

space.

cache

structure

contains data accessed by systems in a sysplex.

AUDIT

request

.

The

issuing

of

the

provides

a

way

for

multiple

systems

to

determine t

RACROUTE macro

of

copies

of

the

cache

structure

data

with

REQUEST=AUDIT

specified. An

AUDIT

validity

request

is

storage.

local

a general-purpose security-audit request that can

be

used to

audit

a

specified

resource

name

and

action.

.

In

OpenEdition

MVS,

a

request

by

callable

service

AUTH

request

.

The

issuing

of

the

RACROUTE

an

active process

for

a

service. Synonymous

with

macro

with

REQUEST=AUTH

specified. The

primary

syscall, system call.

function

of

an

AUTH

request

is

to

check

a

user's

authorization

to

CDT .

Seeclass

descriptor. table

a RACF-protected resource or function. The AUTH

request

replaces

the

RACHECK

function. See

also

A

collection

of

RACF-defined

entities

(users,

authorization

checking.

class .

groups, and resources) with similar characteristics.

authority .

class

names

are

USER,

GROUP,

DATASET,

and

the

The

right

to

access

objects,

resources,

or

classes that are defined in the class descriptor

functions. Seeaccess authority, class authority,nd

group

authority.

class

authority

(CLAUTH)

.

An

authority

enabling

a

authorization

checking

user to define RACF profiles in a class defined

.

The

action

of determining

class descriptor table. A user can have class

whether

a

user

is

permitted

access

to

a

protected

authorities to one or more classes.

resource. RACF performs authorization checking as a

result of a RACROUTE REQUEST=AUTH or

class

descriptor

table

(CDT) .

A table

consisting of

an

RACROUTE

REQUEST=FASTAUTH.

entry

for each class except the USER, GROUP, and

automatic

command

direction

.

An

extension

of

DATASET

classes. The

table

is

generated

by

executing

the

ICHERCDE

macro

once

for

each

class.

command

direction

that

causes

RACF

to

automatically

The class descriptor table contains both the IBM

direct

certain

commands

to

one

or

more

remote

nodes

provided classes and also the installation defined

after

running

the

commands

on

the

issuing

node.

classes.

Commands can be automatically directed based on who

issued

the

command,

the

command

name,

or

the profile

Seeclass

authority.

CLAUTH

.

class related to the command. Profiles in the

RRSFDATA class control to which commands

are

command

direction

.

A

RRSF

function

that

allows

a

automatically

directed

when

automatic

directionuseris to

issue

a

command

from

one

user

ID

and

di

that

command

to

run

under

the

authority

of

a

dif

 Copyright

IBM

Corp.

1994,

1996

65