Adabas SAF Security Configuration Parameters

Level of protection for Adabas Basic Services:

• 0: disables ADASAF protection for Adabas Basic Services

• 1: ADASAF is to protect main functions only

• 2: ADASAF is to protect both main and subfunctions

See also the section Adabas Basic Services.

ABS={0| 1 | 2 }

Indicates whether or not the Logon ID of the security package is to be used as the Adabas Security password.

• N: the Logon ID of the security package is not to be used as the Adabas Security password

• Y: the Logon ID is placed in the Additions 3 field of the Adabas control block for use by Adabas

ADASCR={N | Y }

Indicates whether or not ADASAF should extract Adabas cipher codes from RACF and apply them to the relevant Adabas commands.

• N: ADASAF should not extract Adabas cipher codes from RACF and apply them to the relevant Adabas commands

• Y: ADASAF will extract Adabas cipher codes from RACF and apply them to the relevant Adabas commands

CIPHER={N| Y }

The name of the ADASAF database resource class name. The name can be up to eight alphanumeric characters.

DBCLASS={ name | ADASEC}

The format of the Database ID and file number in resource profiles:

• 0: 3 digits with leading zeroes

• 1: 5 digits with leading zeroes

• 2: up to 5 digits with leading zeroes suppressed

The default value is recommended to simplify reporting and maintenance of security profiles; to allow for the large Database IDs and file numbers introduced with Adabas version 6; and to allow for ET data protection, if required.

DBFLEN={ 0 |1| 2 }

The number of database checks to be buffered per user, in the cache defined by GWSIZE. These buffered checks are used to avoid repeated SAF calls for a user when LOGOFF=NEVER or LOGOFF=TIMEOUT is specified.

DBNCU=0

Indicates whether or not access to undefined Adabas resources should be allowed. The normal mode of operation is to prevent access to resources not defined to the security system. Profiles representing Adabas resources are added to the security repository with either a default access or by granting access to specific users and groups.

• N: access to undefined Adabas resources is not allowed

• Y: access to undefined Adabas resources is allowed

  Note:
  This option does not permit access to resources defined with universal access "none".

DBUNI={N| Y }

Use of delimiter when defining an entity name.

• N: the entity name begins with ACC for access commands and UPD for update commands and does not contain a full stop (period) delimiter

• Y: the entity name begins with CMD and has a full stop (period) delimiter between the Database ID and file number

DELIM={ N | Y}

Indicates whether or not ADASAF should protect commands that access or create ET data.

• N: ADASAF should not protect commands that access or create ET data

• Y: ADASAF should protect commands that access or create ET data

This parameter is only honored if fixed-length Database IDs and file numbers are used in the resource profile names (that is, the DBFLEN parameter specifies 0 or 1). File number 00000 (DBFLEN=1) or 000 (DBFLEN=0) is checked for the relevant database. RE commands need read access; OP commands with Command Option 2 set to E need read access; ET, CL, and C3 commands with Command Option 2 set to E need update access.

ETDATA={ N |  Y }

Indicates whether or not the Group ID rather than the User ID is to be used for resource authorization checking.

• N: Group ID is not to be used for resource authorization checking

• Y: Group ID is to be used for resource authorization checking

GROUP={ N | Y }

The tracing level for database security checks.

• 0: no tracing

• 1: trace violations only

• 2: trace successful checks only

• 3: trace all checks

For easier problem diagnosis and auditing, trace messages include a time stamp and the name of the job that issued the Adabas call.

GWMSGL={ 0 | 1 | 2 | 3 }  

The amount of storage (in kilobytes) to be used for caching user information related to the security system, for example checked entity names. For more information, see the section Accessing and Changing Database Data.

GWSIZE=16

The SAF security type.

• 1: RACF

• 2: CA-Top Secret

• 3: CA-ACF2

• 4: RACF executing on a Fujitsu operating system.

 GWSTYP={ 1 | 2 | 3 | 4 }

Indicates when ADASAF should log off users from the SAF security system.

• ALWAYS: ADASAF is to log off the user whenever the associated Adabas user session ends, either because of a Close command or because the Adabas user has been stopped or timed out.

• NEVER: ADASAF is to log off the user only when the user's memory (in the cache specified by GWSIZE) needs to be allocated to a new user.

• TIMEOUT: ADASAF is to log off the user only when the associated Adabas user session has been timed out or stopped.

The settings LOGOFF=NEVER and LOGOFF=TIMEOUT will substantially reduce SAF overheads in databases where users often issue Close commands and then start a new session. However, it may be necessary to increase GWSIZE to provide enough memory to save the user details across Close commands.

Use the Adabas session statistics "Number of users participating" and "Number of commands executed" to decide whether LOGOFF=NEVER or LOGOFF=TIMEOUT should be used. If the number of commands per user is relatively low, consider setting LOGOFF=TIMEOUT and then using ADASAF's Online Services to monitor the effectiveness of GWSIZE: option 1 shows the number of allocations (new users created) and overwrites (old users deleted); if these are high, increase GWSIZE.

If the Adabas non-activity timeout values are such that users are frequently timed out, set LOGOFF=NEVER rather than LOGOFF=TIMEOUT.

LOGOFF={ ALWAYS | NEVER | TIMEOUT }

The number of files for which security information is to be cached for each user. If a user accesses more than this number of files, the oldest entries will be overwritten.

 MAXFILES={ nnnn | 16 }

The maximum number of passwords and cipher codes to be extracted from RACF for the current Adabas nucleus. If ADASAF finds more than this number, nucleus initialization is terminated with message AAF010.

MAXPCC={ nnnn | 16}

Indicates whether or not calls from unsecured mainframe clients are to be allowed. An unsecured mainframe client is a client operating in an environment that does not provide security information via the Adabas router. For example, a remote Lpar where the router has not been linked with the SAF security extensions (SVCSAF) or a CICS job that is not using ADATRUE.

• N: Calls from unsecured mainframe clients are not to be allowed

• Y: Calls from unsecured mainframe clients are to be allowed

Caution:
It is strongly recommended not to use NOTOKEN=Y since this may allow unauthorized access to or updating of Adabas data. NOTOKEN=Y is only intended for extremely short-term use during a phased implementation of Adabas SAF Security.

NOTOKEN={ N | Y }

The name of the ADASAF database resource class name for use in cross-level checks. The name can be up to eight alphanumeric characters.

NWCLASS={ name | ADASEC}

The number of database checks to be buffered per cross-level user, in the cache defined by GWSIZE.

NWNCU=0

Indicates whether or not access to undefined Adabas resources should be allowed for cross-level checks. The normal mode of operation is to prevent access to resources not defined to the security system. Profiles representing Adabas resources are added to the security repository with either a default access or by granting access to specific users and groups.

• N: access to undefined Adabas resources is not allowed for cross-level checks

• Y: access to undefined Adabas resources is allowed for cross-level checks

Note:
This option does not permit access to resources defined with universal access "none".

NWUNI={ N | Y }

The User ID to be used for database cross-level security checks issued on behalf of workstation users.

NWUSRW=WINUSER

Indicates whether or not ADASAF should extract Adabas passwords from RACF and apply them to the relevant Adabas commands.

• N: ADASAF should not extract Adabas passwords from RACF and apply them to the relevant Adabas commands

• Y: ADASAF should extract Adabas passwords from RACF and apply them to the relevant Adabas commands

PASSWORD={N | Y }

The mechanism ADASAF should use to protect calls from remote users.

• LINK: ADASAF is to use, as the SAF Logon ID, the Entire Net-Work link name by which the call arrived

• NODE: ADASAF is to use, as the SAF Logon ID, the Entire Net-Work node name from which the call arrived

• NONE: this setting must only be used in conjunction with Entire Net-Work SAF Security

• POPUP: ADASAF is to initiate the remote workstation logon procedure

REMOTE={ LINK | NODE | NONE | POPUP}

Specify whether security check trace messages should be written to DD SAFPRINT or to DD DDPRINT.

• N: security check trace messages are to be written to DD DDPRINT

• Y: security check trace messages are to be written to DD SAFPRINT

If SAFPRINT=Y is specified, but a SAFPRINT dataset is not provided, the trace messages will be written to DDPRINT.

The SAFPRINT dataset must be defined in the nucleus JCL and may refer to a SYSOUT dataset or to a file defined with RECFM=F (or FB) and LRECL=121.

SAFPRINT={N | Y }

The AAF prefix messages issued by ADASAF may be written in mixed or upper case. For compatibility with previous versions, the default is upper case.

• M: AAF prefix messages are to be written in mixed case

• U: AAF prefix messages are to be written in upper case

WTOCASE={ M | U }

The type of database cross-level security checking to be performed.

• 0: no cross-level checking

• 1: Perform a cross-level check only on a user's first call to a database nucleus

• 2: Perform a cross-level check every time a standard check is performed; this option may be useful if only certain files in the database should be accessible to a particular job

• 3: The User ID of the originating job should form part of the resource profile name. This option may be useful when different users have different access requirements, depending on the environment in which they are running

XLEVEL={0 | 1 | 2 | 3 }