IBM GC28-1920-01 Server User Manual


 
user ID on the same or a different RRSF node. Before
a command can be directed from one user ID to
another, a user ID association must be defined between
them via the RACLINK command.
command interpreter. A program that reads the
commands that you type in and then executes them.
When you are typing commands into the computer, you
are actually typing input to the command interpreter.
The interpreter then decides how to perform the
commands that you have typed. The shell is an
example of a command interpreter. Synonymous with
command language interpreter
. See also
shell
.
command language interpreter. Synonym for
command interpreter
.
coupling facility. The hardware element that provides
high-speed caching, list processing, and locking
functions in a sysplex.
D
Data Facility Product (DFP). A program that isolates
applications from storage devices, storage
management, and storage device hierarchy
management.
data security. The protection of data from
unauthorized disclosure, modification, or destruction,
whether accidental or intentional.
data security monitor (DSMON). A RACF auditing
tool that produces reports enabling an installation to
verify its basic system integrity and data-security
controls.
data set profile. A profile that provides RACF
protection for one or more data sets. The information in
the profile can include the data-set profile name, profile
owner, universal access authority, access list, and other
data. See
discrete profile
and
generic profile
.
data sharing mode. An operational RACF mode that
is available when RACF is enabled for sysplex
communication. Data sharing mode uses global
resource serialization protocol that allows concurrent
RACF instances to directly access and change the
same database while maintaining data integrity as
always. Data sharing mode requires installation of
coupling facility hardware.
default group. In RACF, the group specified in a user
profile that is the default current connect group.
DEFINE request. The issuing of the RACROUTE
macro with REQUEST=DEFINE specified. Also, using
a RACF command to add or delete a resource profile
causes a DEFINE request. The DEFINE request
replaces the RACDEF function.
DFP. See Data Facility Product.
DFP segment. The portion of a RACF profile
containing information relating to the users and
resources that are managed by the data facility product
(DFP).
DIRAUTH request. The issuing of the RACROUTE
macro with REQUEST=DIRAUTH specified. A
DIRAUTH request works on behalf of the
message-transmission managers to ensure that the
receiver of a message meets security-label
authorization requirements.
directed command. A RACF command that is issued
from a user ID on an RRSF node. It runs in the RACF
subsystem address space on the same or a different
RRSF node under the authority of the same or a
different user ID. A directed command is one that
specifies AT or ONLYAT. See also
command direction
and
automatic command direction
.
directory. (1) A type of file containing the names and
controlling information for other files or other directories.
(2) A construct for organizing computer files. As files
are analogous to folders that hold information, a
directory is analogous to a drawer that can hold a
number of folders. Directories can also contain
subdirectories, which can contain subdirectories of their
own. (3) A file that contains directory entries. No two
directory entries in the same directory can have the
same name. (4) A file that points to files and to other
directories. (5) An index used by a control program to
locate blocks of data that are stored in separate areas
of a data set in direct access storage.
discrete profile. A resource profile that can provide
RACF protection for only a single resource. For
example, a discrete profile can protect only a single
data set or minidisk.
DSMON. See
data security monitor
.
E
entity. A user, group, or resource (for example, a
DASD data set) that is defined to RACF.
EXTRACT request. The issuing of the RACROUTE
macro with REQUEST=EXTRACT specified. An
EXTRACT request retrieves or replaces certain
specified fields from a RACF profile or encodes certain
clear-text (readable) data. The EXTRACT request
replaces the RACXTRT function.
66 OS/390 V1R2.0 Security Server (RACF) Planning: Installation and Migration