Securing Keyrings

Document ID : KB000012015
Last Modified Date : 14/02/2018
Show Technical Document Details
Question:

Can keyrings be secured by CA Top Secret?

 

Answer:

To use the ring-specific checking, the RDATALIB resource class is used.

With ring-specific profile checking, a resource with the format

RDATALIB(<ringOwner>.<ringName>.LST)

is used to provide access control to a specific key ring on R_datalib READ functions, that are, DataGetFirst, DataGetNext, and GetUpdateCode. A resource with the format <ringOwner>.<ringName>.UPD is used to provide access control to a specific key ring on the UPDATE functions, that are, NewRing, DataPut, DataRemove, and DelRing.

Example PERMIT to authorize acid JOE to use JOE's Keyring called FTPRING.

TSS PERMIT(JOE) RDATALIB(JOE.FTPRING.LST) ACC(READ)