Filter
Top Products
Glossary
A
access. The ability to obtain the use of a protected
resource.
access authority. An authority related to a request for
a type of access to protected resources. In RACF, the
access authorities are NONE, EXECUTE, READ,
UPDATE, CONTROL, and ALTER.
accessor environment element (ACEE). A
description of the current user, including user ID,
current connect group, user attributes, and group
authorities. An ACEE is constructed during user
identification and verification.
ACEE. See
accessor environment element
.
appropriate privileges. In the OpenEdition MVS
implementation, superuser authority. A trusted or
privileged attribute is an attribute associated with a
started procedure address space and with any process
associated with the address space.
AUDIT request. The issuing of the RACROUTE macro
with REQUEST=AUDIT specified. An AUDIT request is
a general-purpose security-audit request that can be
used to audit a specified resource name and action.
AUTH request. The issuing of the RACROUTE macro
with REQUEST=AUTH specified. The primary function
of an AUTH request is to check a user's authorization to
a RACF-protected resource or function. The AUTH
request replaces the RACHECK function. See also
authorization checking
.
authority. The right to access objects, resources, or
functions. See
access authority, class authority,
and
group authority
.
authorization checking. The action of determining
whether a user is permitted access to a protected
resource. RACF performs authorization checking as a
result of a RACROUTE REQUEST=AUTH or
RACROUTE REQUEST=FASTAUTH.
automatic command direction. An extension of
command direction that causes RACF to automatically
direct certain commands to one or more remote nodes
after running the commands on the issuing node.
Commands can be automatically directed based on who
issued the command, the command name, or the profile
class related to the command. Profiles in the
RRSFDATA class control to which commands are
automatically directed when automatic direction is
active. See also
automatic password direction
and
command direction
.
automatic direction. An RRSF function that
automatically directs commands and password-related
updates to one or more remote systems. See also
automatic command direction
and
automatic password
direction
.
automatic password direction. An extension of
password synchronization and automatic command
direction that causes RACF to automatically change the
password for a user ID on one or more remote nodes
after the password for that user ID is changed on the
local node. Profiles in the RRSFDATA class control for
direction are active. See also
password
synchronization, automatic command direction
, and
automatic direction
.
C
cache structure. A coupling facility structure that
contains data accessed by systems in a sysplex. MVS
provides a way for multiple systems to determine the
validity of copies of the cache structure data in their
local storage.
callable service. In OpenEdition MVS, a request by
an active process for a service. Synonymous with
syscall
,
system call
.
CDT. See
class descriptor table
.
class. A collection of RACF-defined entities (users,
groups, and resources) with similar characteristics. The
class names are USER, GROUP, DATASET, and the
classes that are defined in the class descriptor table.
class authority (CLAUTH). An authority enabling a
user to define RACF profiles in a class defined in the
class descriptor table. A user can have class
authorities to one or more classes.
class descriptor table (CDT). A table consisting of an
entry for each class except the USER, GROUP, and
DATASET classes. The table is generated by
executing the ICHERCDE macro once for each class.
The class descriptor table contains both the IBM
provided classes and also the installation defined
classes.
CLAUTH. See
class authority
.
command direction. A RRSF function that allows a
user to issue a command from one user ID and direct
that command to run under the authority of a different
Copyright IBM Corp. 1994, 1996 65