Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Defining Conversation Security Levels that Sessions Allow z/OS MVS Planning: APPC/MVS Management SA23-1388-00 |
|
With VTAM® 3.4 or higher, the CONVSEC field in the SESSION segment of the RACF® APPCLU profile lets you specify the level of security that the local LU will accept from its partner LU. CONVSEC overrides the protection set by the SECACPT keyword of the VTAM APPL statement, which specifies the level of security allowed in conversation requests to an LU from anywhere in the network. CONVSEC narrows that level down to one allowed in a session between two specific LUs. The CONVSEC values correspond to those of the SECACPT keyword:
For example, to allow conversation requests that include security
information or an already verified indicator, you could specify:
To allow conversation requests that include security information
or a persistent verification indicator, you could specify:
To delete the conversation security parameters, you can specify NOCONVSEC on the RALTER command. NOCONVSEC tells RACF to ignore conversation security levels when sessions are being established between LUs, and defaults to the value of the SECACPT keyword on the APPL statement. For more information about specifying conversation security parameters for APPCLU profiles, see z/OS Security Server RACF Command Language Reference. |
Copyright IBM Corporation 1990, 2014
|