Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
STATISTICS example z/OS Security Server RACF Security Administrator's Guide SA23-2289-00 |
|
To help you understand how RACF® maintains
statistics, consider
the following:
If USER1 reads USER1.DATA, the overall READ count in the profile increases by one. No counts in the access list are changed, because access lists are not used when users process their own data. If USER2 reads the data set, two counts are updated: the overall READ count and the count in USER2's access list entry. If USER3 reads the data set, two counts are updated: the overall READ count and the count in USER3's access list entry (even though the entry says UPDATE). The counts in the access list merely record that access was granted by that entry. The access granted can be as specified by the entry, or a lower level, as in this example. If list-of-groups processing is active (through SETROPTS GRPLIST) and USER4 reads the data set, RACF examines the access list to see if any of USER4's groups are in the list. If any of the groups is found, the entry with the highest authority is used. In this case, the access list entry for GROUP2 (UPDATE) increases, along with the overall READ count for the profile. If any other user or group reads the data set, it gains access because of the universal access of READ, and the overall READ count increases. If any user with OPERATIONS authority updates the data set, the overall UPDATE count increases. |
Copyright IBM Corporation 1990, 2014
|