The following file protection mechanisms are available in BS2000:
Restricting pubset access
Protection against unauthorized access to files on other pubsets can be provided by assigning different user IDs to different pubsets.Standard access control (USER-ACCESS/SHARE and ACCESS), (see "Standard access control (USER-ACCESS/SHARE and ACCESS)")
Basic Access Control List (BACL)
Permanent files and file generations on shared volumes can be protected using an Access Control List, whereas tape files and temporary files cannot (see "Basic Access Control List, BACL").Definition of an access profile using GUARDS
GUARDS is a component of the SECOS software product (see "GUARDS - file protection via a special access profile (guard)").Password
Files can be protected by defining file-specific read, write and execute passwords. A password-protected file cannot be processed unless the appropriate password for the desired access is specified. Passwords can be encrypted, if desired (see "Assigning a file password").File encryption
The content of files is encrypted (see "File encryption").Retention period
The user can define a retention period for a file during which no modification to the file will be permitted (see "Specifying a retention period").
A file protected with GUARDS can be accessed only when the defined access profile exists and the GUARDS subsystem is loaded. The SHOW-SUBSYSTEM-STATUS command supplies information on loaded subsystems.
For files on Net-Storage and in particular for node files, with respect to their access protection it must be borne in mind that the mechanisms described here are only effective in BS2000. Please also observe the notes in section