Target User Collection
Original Publication Date: 1996-Jan-01
Included in the Prior Art Database: 2005-Mar-31
Farrell, W: AUTHOR [+8]
Disclosed is a method for allowing users of a computer security product to send commands and password changes to other userids or accounts. The method disclosed herein uses the IBM Resource Access Control Faclility (RACF)* remote sharing facility (RRSF). The other userids can be on the same system or a different system.
Target User Collection
a method for allowing users of a computer security
product to send commands and password changes to other userids or
accounts. The method disclosed herein uses the IBM Resource Access
Control Faclility (RACF)* remote sharing facility (RRSF). The other
userids can be on the same system or a different system.
component of this function is the Target User
Collection (TUC), a data area associated with the RACF user profile
of an IBM time sharing option (TSO) userid on an RRSF node, whose
entries define associations with other userids at the same or
different RRSF nodes. When the appropriate RACF profiles have been
defined, and a TUC has been created for a userid, that userid can
direct RACF commands to run under the authority of an associated
userid. Optionally, password changes can be synchronized among the
remote sharing facility (RRSF) allows multiple
MVS/ESA* (MVS) system images which cannot physically share the RACF
database to be defined to RACF as an RRSF network, where each of the
MVS system images is an RRSF node. In an RRSF network, RRSF nodes
can send RACF commands and data to each other. The target user
collection (TUC) provides the control required to allow users on an
RRSF node to send RACF commands and password changes to userids other
than the one they are logged on to, without compromising the security
of the systems.
RACF allows two types of associations to be defined
o Peer associations allow both members of the association to
RACF commands to each other. A peer association can optionally
allow its members to have RACF keep their passwords
that is, when the password for one of the members is changed,
RACF makes the same change to the password for the other
Peer associations are typically established between multiple
userids used by the same person.
o Managed associations designate one member of the association to
be the managing member, and the other one to be the managed
member. The managing member can direct commands to the managed
member, but the managed member cannot direct commands to the
managing member. The members of a managed association...