Space banner

   

This space provides the same content as before, but the organization of the home page has changed. The content is now organized based on logical branches instead of legacy book titles. We hope that the new structure will help you quickly find the content that you need.

Transformation list values for the INTENT parameter

Each transformation list defined to the INTENT parameter can include the following options:

Option

Description

level1 TO level2

Specifies that access intent level1 is to be transformed to access intent level2, as if the resource manager had requested that level of access intent originally

Access intent levels may have the same meaning as corresponding values defined by the administrative command language for each respective ESM, as shown in Access intent interpretations by ESM, for a transformation.

level1 RETURNS answer

Specifies that a resource access request that specifies an access intent of level1 is not to be passed to the ESM for processing, but will instead cause the security interface to respond to the resource manager with a return code as specified by the answer parameter value

answer parameter values can be specified as follows:

  • YES (return code 0)

  • MAYBE (return code 4)

  • NO (return code 8)

Access intent interpretations by ESM, for a transformation

Access intent field

Interpretation by IBM RACF

Interpretation by CA-Top Secret

Interpretation by CA-ACF2 data set rules access level

Interpretation by CA-ACF2 generalized resource rule service level

EXECUTE

EXECUTE

FETCH

EXEC

READ

READ

READ

READ

READ

READ

UPDATE

UPDATE

READ plus WRITE

WRITE

UPDATE

WRITE

UPDATE

WRITE

WRITE

UPDATE

Control

Control

WRITE

ALLOC

UPDATE

ALTER

ALTER

ALL

ALLOC

UPDATE

CREATE

ALTER

CREATE

ALLOC

ADD

DELETE

ALTER

SCRTCH

ALLOC

DELETE

Was this page helpful? Yes No Submitting... Thank you

Comments