Planning security implementation
Read through this chapter to understand how you use Tivoli Workload Scheduler for z/OS security features. Consider the tasks in Table 22 when determining your security requirements.
Task | Page |
---|---|
Topic | |
How Tivoli Workload Scheduler for z/OS verifies access. | How Tivoli Workload Scheduler for z/OS verifies access authority |
Determine which user IDs require access to Tivoli Workload Scheduler for z/OS. | Identifying users |
Establish naming conventions for Tivoli Workload Scheduler for z/OS resources. | Establishing naming conventions for IBM Tivoli Workload Scheduler for z/OS resources |
Group RACF® users and resources. | Grouping RACF users and resources |
Review general security considerations. | General security considerations |
Determine if you use a centralized
or decentralized strategy. Your strategy determines to some extent
the levels of protection you need:
|
Examples of security strategies |
Controlling access to the Tivoli Workload Scheduler for z/OS subsystem | |
Controlling access to Tivoli Workload Scheduler for z/OS fixed resources | |
Controlling access to Tivoli Workload Scheduler for z/OS subresources | |
Review API security and access requirements if you use the API from your own TP or through the Tivoli Workload Scheduler for z/OS GUI. | Controlling access to Tivoli Workload Scheduler for z/OS from APPC |
Review security and access requirements if you use Dynamic Workload Console. | Controlling access to Tivoli Workload Scheduler for z/OS using Dynamic Workload Console |
Review access requirements for Tivoli Workload Scheduler for z/OS TSO commands. | Controlling access through TSO commands |
When you have determined your security requirements, implement security access:
Task | Page |
---|---|
Topic | |
Verify that the environment is set up. Ensure that
you have:
|
Refer to IBM Tivoli Workload Scheduler for z/OS Installation Guide |
Specify access to the subsystem. | Controlling access to the Tivoli Workload Scheduler for z/OS subsystem |
Specify fixed resources. | Controlling access to Tivoli Workload Scheduler for z/OS fixed resources |
Specify subresources. | Controlling access to Tivoli Workload Scheduler for z/OS subresources |
Implement security access through the Tivoli Workload Scheduler for z/OS API, if you use this function. | Controlling access to Tivoli Workload Scheduler for z/OS from APPC |
Implement security access through the Tivoli Workload Scheduler for z/OS server, if you use this function. | Controlling access to Tivoli Workload Scheduler for z/OS from APPC |
Specify subresources on the AUTHDEF statement. | AUTHDEF |
Specify resource names on the AUDIT statement, if you need audit information. | AUDIT |