Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Planning considerations for security labels z/OS Security Server RACF Security Administrator's Guide SA23-2289-00 |
|
For details about implementing security labels for a multilevel-secure environment, see z/OS Planning for Multilevel Security and the Common Criteria. Even though a single user can use more than one security label, it might be easier to assign each person a separate user ID for each security label used. Also, some consideration should be taken before using resource profiles that, due to their naming structure, would either cause large numbers of resources to be protected by the same security label (for example: userid.*) or protect resources that need to be accessed when the user is logged on at different security labels (for example, a NAMES data set). These types of resources can be grouped into several categories
and following certain procedures can minimize the impact of their
use. You might consider creating data set profiles with the following
naming structure:
For example, if SMITH needs to use security labels EAGLE and THRUSH,
create profiles like:
Some services create new data sets based on the user's user ID. If
the SETROPTS MLS option is in effect, authorization failures occur
whenever the user uses a security label that is different from the
security label that was in use when the data set was created. Applications
that create such data sets should consider using the REXX RACVAR function
package to determine the current security label for inclusion in the
names of such data sets.
When RACF checks a user's authority to use a terminal or console, or the authority of outbound work to use a JES writer, RACF uses "reverse MAC" (mandatory access checking). That is, the security label of the profile protecting the writer must be equal to or greater than the security label of the user or outbound work. |
Copyright IBM Corporation 1990, 2014
|