Your Browser is not longer supported

Please use Google Chrome, Mozilla Firefox or Microsoft Edge to view the page correctly
Loading...

{{viewport.spaceProperty.prod}}

Separation of system access routes

The following access routes, which possess a user ID, can be processed separately for security reasons:

  • DIALOG-ACCESS

  • BATCH-ACCESS

  • OPERATOR-ACCESS-TERMINAL

  • OPERATOR-ACCESS-PROGRAM

  • OPERATOR-ACCESS-CONS

  • POSIX-RLOGIN-ACCESS

  • POSIX-REMOTE-ACCESS

  • NET-DIALOG-ACCESS

Since it is impossible to guarantee the same degree of protection for all access routes, it is advisable to restrict access via particularly sensitive user IDs to specific access routes. For instance, it may be useful to restrict access via a user ID belonging to system administration to access in interactive mode.

The right to issue follow-up jobs can be restricted by creating a guard with a list of user IDs under which executing jobs may start follow-up jobs for a specific user ID.

Access via specific user IDs may be restricted to specific terminals, since each terminal is uniquely identifiable via its BCAM name. This protection measure is particularly important wherever a large number of persons have access to a terminal (e.g. at a university).

Powered by Atlassian Confluence and Scroll Viewport.