Transformation list values for the INTENT parameter
Each transformation list defined to the INTENT parameter can include the following options:
Option | Description |
|---|---|
level1 TO level2 | Specifies that access intent level1 is to be transformed to access intent level2, as if the resource manager had requested that level of access intent originally Access intent levels may have the same meaning as corresponding values defined by the administrative command language for each respective ESM, as shown in Access intent interpretations by ESM, for a transformation. |
level1 RETURNS answer | Specifies that a resource access request that specifies an access intent of level1 is not to be passed to the ESM for processing, but will instead cause the security interface to respond to the resource manager with a return code as specified by the answer parameter value answer parameter values can be specified as follows:
|
Access intent interpretations by ESM, for a transformation
Access intent field | Interpretation by IBM RACF | Interpretation by CA-Top Secret | Interpretation by CA-ACF2 data set rules access level | Interpretation by CA-ACF2 generalized resource rule service level |
|---|---|---|---|---|
EXECUTE | EXECUTE | FETCH | EXEC | READ |
READ | READ | READ | READ | READ |
UPDATE | UPDATE | READ plus WRITE | WRITE | UPDATE |
WRITE | UPDATE | WRITE | WRITE | UPDATE |
Control | Control | WRITE | ALLOC | UPDATE |
ALTER | ALTER | ALL | ALLOC | UPDATE |
CREATE | ALTER | CREATE | ALLOC | ADD |
DELETE | ALTER | SCRTCH | ALLOC | DELETE |
Related topic