IBM GC28-1920-01 manual

user

ID

on

the

same

or

a

different

RRSF

nodecauses.Beforea DEFINE

request. The

DEFINE

request

a command can be directed from one user IDreplacesto

the

RACDEF

function.

another, a user ID association

must

be

defined

between

them

via

the

RACLINK

command.

DFP .

See

Data

Facility

Product.

command

interpreter

.

A

program

that

reads

theDFP

segment

.

The

portion

of

a

RACF

profile

commands

that

you

type

in

and

then

containing information relating to the users and

executes

them.

When

you

are

typing

commands

into

the

resources

that

are

managed

by

the

data

facility

p

computer,

you

are

actually

typing

input

to

the

command

(DFP).

interpreter.

The

interpreter

then

decides

how

to

perform

the

commands

that

you

have

typed. The

shell

is

DIRAUTH

request

.

The

issuing

of

the

RACROUTE

an

macro with REQUEST=DIRAUTH specified. A

example of a command interpreter. Synonymous with

command

language

interpret. Sere

alsohell.

DIRAUTH

request

works on behalf of the

message-transmission managers to

ensure

that

the

command

language

interpreter

.

Synonym

for

receiver

of a message meets security-label

command

interpreter.

authorization

requirements.

coupling

facility

.

The

hardware

element

that

directed

command

.

A

RACF

command

that

is

issued

provides

from

a

user

ID

on

an

RRSF

node. It

runs

in

the

RAC

high-speed caching, list processing, and locking

functions

in

a

sysplex.

subsystem

address

space

on

the

same

or

a

differen

RRSF node under the authority of the same or a

D

different

user

ID. A directed command is one that

specifies

AT

or

ONLYAT. Seecommandalso

direction

Data

Facility

Product

(DFP)

and automatic

command

direction.

.

A

program

that

isolates

applications from storage devices, storage

directory .

(1) A type of file containing the names an

management, and storage device hierarchy

controlling

information for other files or other direc

management.

(2) A

construct

for

organizing

computer

files. As

files

data

security .

The protection of data from

are

analogous

to

folders

that

hold

information,

a

directory

is

analogous

to

a

drawer

that

can

hold

a

unauthorized

disclosure,

modification,

or

destruction,

whether

accidental

or

intentional.

number of folders. Directories can also contain

subdirectories,

which can contain subdirectories of

data

security

monitor

(DSMON)

.

A

RACF

auditing

own.

(3) A

file

that

contains

directory

entries. No

tw

directory

entries

in

the

same

directory

can

have

t

tool

that

produces

reports

enabling

an

installation

to

file

that

points to

files

and

to

ot

verify

its

basic

system

integrity

and

same

name. (4) A

data-security

controls.

directories. (5) An index used by a control program t

locate

blocks

of

data

that

are

stored in separate

data set profile . A profile that provides RACF

of

a

data

set

in

direct

access

storage.

protection

for

one

or

more

data

sets. The

information

in

A

resource

profile

that

can

provide

the

profile

can

include

the

data-set

discrete

profile

.

profile

name,

profile

owner,

universal

access

authority,

access

RACF protection for only a single resource. For

list,

and

other

profile

can

protect

only

a

singl

data. Seediscrete

profileandg neric

profile.

example,

a

discrete

data

set

or

minidisk.

data

sharing

mode

.

An

operational

RACF

mode

that

.

Seedata

security

.monitor

DSMON

is available when RACF is enabled for sysplex

communication. Data sharing mode uses global

resource

serialization

protocol

that

allows

concurrent

E

RACF

instances

to directly access and change

the

same database while maintaining data integrityentityas.

A

user,

group,

or

resource

(for

example,

a

always. Data

sharing

mode

requires

installationDASDof data

set)

that

is

defined

to

RACF.

coupling

facility

hardware.

EXTRACT

request

.

The issuing of the RACROUTE

default

group

.

In

RACF,

the

group specified

inmacro

userwith

REQUEST=EXTRACT

specified. An

profile

that

is

the

default

current

connect EXTRACTgroup.request

retrieves

or

replaces

certain

DEFINE

request

.

The

issuing

of

the

RACROUTE

specified

fields from a RACF profile or encodes ce

clear-text

(readable) data. The EXTRACT request

macro

with

REQUEST=DEFINE

specified. Also,

using replaces

the

RACXTRT

function.

a RACF

command

to

add

or

delete

a

resource

profile