The following object management systems support data access control for their objects:

• DMS for files and storage classes

• LMS for library members

• JVS for job variables

• HSMS for HSMS management classes and

• FITC for FITC ports.

In its role as an object management system, SRPM provides system access control for terminal sets, user IDs and group assignments as well as for POSIX accesses (POSIX rlogin, POSIX remote).

The default condition administration system, which is a component of the GUARDS subsystem, is responsible for data and system access control. It creates an instance which is independent of the object management system and which can be used to define, administer and evaluate access conditions. The access conditions are stored in the guards managed by the GUARDS administration system.

Setup and administration of GUARDS protection

In order to implement protection using GUARDS, the following preparatory measures must be undertaken:

• Guards must be set up.
  This can be performed using the guards administration commands (see "section Guards administration").

• Access conditions must be defined.
  These may take the form of:

  • a list of users who have access authorization

  • privileges which a user must possess in order to perform access

  • time periods during which access is permitted or prohibited

  • certain system conditions.

  For further information on this topic, refer to "Defining access conditions".

• The guards must be linked to the objects requiring protection.

  For further information on this topic, refer to "Setting up data and system access control".