RESOURCE SECURITY

File and Library Security

File and library security helps prevent unauthorized use of files and libraries, and can be used only if password security is active. File and library security uses a file called the resource security file to store information about each protected file or library. The resource security file contains a record for each protected file and library. The record contains the user IDs of the authorized users of t~e file or library~_For ea~tl_ authQrizeQu.!tser, th~LLeCQrd contains art access code that identifies the user category.

For files and libraries, the authority of a user can be limited to any of the following categories:

Execute

Read

Change

Owner

The user is allowed to execute members from a secured library.

The user has execute level access and additionally can display the contents of a file or library member.

The user has read level access and additionally can

create/ delete files, libraries, and library members. Also, the user can change the contents of files and library members.

The owner has change level access. Also, the owner can grant access to other users and rename the file or library.

11-6

A public access level can also be specified. This level can be: none (blank), execute only (E), read only (R), change (G), or owner (0). For example, if execute only is specified as the public access level for a user library, all system users can execute members from that library. However, only those users specified in the access list can read or change it, and only users defined in the access list as owners can update the access list. No user can be restricted to a level of access lower than the public access level.

An entry for a file or library can be placed in the resource security file before the file or library is created. When an attempt is made to create a new file or library for which an entry exists in the resource security file and resource security is active, the system checks the user 10 of the operator against the access list. If the operator is authorized to change the contents of the file or library, the system creates the file or library and sets a flag in the VTOC entry indicating that the file or library is protected. If the operator is not authorized to change the file or library, the system displays an error message at both the requesting display station and at the system console; the display station operator must cancel the job.

If files exist with this label when the entry is placed into the resource security file, the security indicator is set in the VTOC entry for each file with this label.

If a user attempts to delete a file or library with an entry, the user must be authorized to change the file or library. If the user is authorized, the file or library is deleted. The entry is not deleted from the resource security file.

When an attempt is made to use a protected file or library, the system ensures that the operator at the display station is authorized to use the file or library.

When a 'program attempts to add to or update information in a file, the system checks that the operator is authorized to add or update the file. When a program attempts to read or change the contents of a protected library, the system checks that the operator is authorized to perform the requested

operation. If the operator is not an authorized user, or if an attempt is made to perform an operation that the operator is not authorized to perform, the system displays an error message at both the requesting display station and at the system console; the display station operator must cancel the job step or the job.

The system makes special checks before allowing a display station to attach to an MRT program. The system checks that the operator at the display station is authorized to execute programs from all libraries being used by the MRT program. If the M RT program has allocated disk files, the system checks that the operator is authorized to use those files. If the operator is not authorized to use the library or one or more of the files, the system displays an error message and does not allo~ the display station to attach to the M RT program.

If the MRT program later requests a file to which the display station operator is not authorized access, the security function displays a message at the system console and the system operator must cancel the job step or the job.

Note: Operators of display stations attached to MRJE need not be authorized for all files and libraries used by MRJE; they must be cleared for only those files and libraries they use.

If a program attempts to acquire a display station, the system checks that the operator at the display station is authorized to use the library that contains the program and that the operator is authorized to use any files already allocated by the program. If the operator is not authorized to use the library or one or more of the data files, the system returns an error code to the program and does not allow the program to acquire the display station. If the program later attempts to use a file to which an operator at an acquired display station is not authorized access, the security function displays an error message at the requesting display station; the operator must cancel the job step or the job.