z/OS Open Cryptographic Services Facility Service Provider Module Developer's Guide and Reference


Categories of operations

SC14-7514-00

The DL service provider interface (SPI) defines four categories of operations:

  • DL operations
  • Data store operations
  • Data record operations
  • Extensibility operations.

DL operations are used to control access to the DL library. They include:

  • Authentication to the DL Module - A user may be required to present valid credentials to the DL prior to accessing any of the data stores embedded in the DL module. The DL module is responsible for ensuring that the access privileges of the user are not exceeded.

The data store functions operate on a data store as a single unit. These operations include:

  • Opening and closing data stores - A DL service manages the mapping of logical data store names to the storage mechanisms it uses to provide persistence. The caller uses logical names to reference persistent data stores. The open operation prepares an existing data store for future access by the caller. The close operation terminates current access to the data store by the caller.
  • Creating and deleting data stores - A DL creates a new, empty data store and opens it for future access by the caller. An existing data store may be deleted. Deletion discards all data contained in the data store.
  • Importing and exporting data stores - Occasionally a data store must be moved from one system to another, or a DL service may need to provide access to an existing data store. The import and export operations may be used in conjunction to support the transfer of an entire data store. The export operation prepares a snapshot of a data store. (Export does not delete the data store it snapshots.) The import operation accepts a snapshot (generated by the export operation) and includes it in a new or existing data store managed by a DL. Alternatively, the import operation may be used independently to register an existing data store with a DL.

The data record operations operate on a single record of a data store. They include:

  • Adding new data objects - A DL adds a persistent copy of a data object to an open data store. This operation may or may not include the creation of index entries. The mechanisms used to store and retrieve persistent data objects are private to the implementation of a DL module.
  • Deleting data objects - A DL removes a single data object from the data store.
  • Retrieving data objects - A DL provides a search mechanism for selectively retrieving a copy of persistent security objects. Selection is based on a selection criterion.

Data store extensibility operations include:

  • Pass through for unique, module-specific operations - A passthrough function is included in the DLI to allow data store libraries to expose additional services beyond what is currently defined in the OCSF API. OCSF passes an operation identifier and input parameters from the application to the appropriate DL. Within the DL_PassThrough function in the DL, the input parameters are interpreted and the appropriate operation performed. The DL developer is responsible for making known to the application the identity and parameters of the supported passthrough operations.
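
The passthrough dispatch described above, as an added example (not IBM or OCSF code): the entry point accepts only published operation identifiers and checks the caller's authentication state and the exact input size before any handler interprets the parameters. Every type, function name and operation identifier here is hypothetical and does not come from the OCSF headers.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* All names below are hypothetical stand-ins, not OCSF header definitions. */
typedef struct { uint32_t length; const uint8_t *data; } pt_input;
typedef struct { int authenticated; uint32_t record_count; } pt_store;
typedef enum { PT_OK, PT_UNKNOWN_ID, PT_BAD_PARAMS, PT_NOT_AUTHORIZED } pt_status;
typedef pt_status (*pt_handler)(pt_store *, const pt_input *, uint32_t *);

/* Constructed operation identifiers the DL developer would publish. */
enum { PT_OP_COUNT_RECORDS = 1, PT_OP_TRIM_RECORDS = 2 };

static pt_status op_count(pt_store *s, const pt_input *in, uint32_t *out) {
    (void)in; *out = s->record_count;
    return PT_OK;
}

/* Input is one uint32_t: the number of records to keep. */
static pt_status op_trim(pt_store *s, const pt_input *in, uint32_t *out) {
    uint32_t keep;
    memcpy(&keep, in->data, sizeof keep);   /* size was checked by the dispatcher */
    if (keep < s->record_count) s->record_count = keep;
    *out = s->record_count;
    return PT_OK;
}

/* Allow-list: identifier, exact input size, whether authentication is required. */
static const struct { uint32_t id, in_len; int needs_auth; pt_handler fn; } pt_table[] = {
    { PT_OP_COUNT_RECORDS, 0,                0, op_count },
    { PT_OP_TRIM_RECORDS,  sizeof(uint32_t), 1, op_trim  },
};

pt_status dl_passthrough_demo(pt_store *s, uint32_t id, const pt_input *in, uint32_t *out) {
    if (!s || !out) return PT_BAD_PARAMS;
    for (size_t i = 0; i < sizeof pt_table / sizeof pt_table[0]; i++) {
        if (pt_table[i].id != id) continue;
        if (pt_table[i].needs_auth && !s->authenticated) return PT_NOT_AUTHORIZED;
        uint32_t len = in ? in->length : 0;
        if (len != pt_table[i].in_len || (len && !in->data)) return PT_BAD_PARAMS;
        return pt_table[i].fn(s, in, out);
    }
    return PT_UNKNOWN_ID;   /* parameters are never interpreted for an unknown id */
}

int main(void) {
    pt_store s = { 0, 10 }; uint32_t out = 0;
    return dl_passthrough_demo(&s, 99, NULL, &out) == PT_UNKNOWN_ID ? 0 : 1;
}
```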





Copyright IBM Corporation 1990, 2014