## <br />Group Identifier<br />The Operator's SIF profile includes an optional Group Identifier which may contain any 10-character literal value to (cont.)<br />identity that Operator as belonging to an organization or project. MAGEC's security system does not act upon this in (cont.)<br />any way, however, facilities are provided for the Security Officers to do online "Scan and Find" operations to locate (cont.)<br />all Operators based on Group Identifier (and other Parameters). One useful purpose for this feature might be to (cont.)<br />terminate a group of contract workers at the conclusion of their project.<br />Since all security parameters for this session are passed (read-only) to the MMP's, it is possible that the MMP might interrogate the Group ID and impose certain security restrictions of its own.<br />## <br />Location Code<br />A standard MAGEC Lookup Table (Table # 252) defines the company's Location Codes. Location Codes may be used to (cont.)<br />describe physical locations (NYC = New York, DAL = Dallas) or to describe departments (FIN = Financial, ACP = Accts. (cont.)<br />Payable) or virtually any division of the entire environment appropriate for the company's needs. They are set up and (cont.)<br />maintained by the Security Officers using the standard functions: TBLADD, TBLCHG, etc.<br />The Device (DVC) profile, which is used to define terminals or network nodes, includes the Location Code to indicate (cont.)<br />the Location of this Device. If the TP Spooler option of MAGEC is installed then the Location Code specified on the DVC (cont.)<br />record which defines each printer will also be used for routing report data.<br />The Operator's (SIF) profile includes an Authorized Location parameter to indicate at which Locations he/she is allowed (cont.)<br />to Log On to MAGEC. MAGEC, at the time an operator is logging on, compares the Location Code of the device with the (cont.)<br />operator's Authorized Location code to determine whether this operator may log onto this terminal. The Authorized (cont.)<br />Location parameter may be "generic". That is, it need not specify an exact Location Code. For instance, it might (cont.)<br />contain "N&nbsp;.&nbsp;.", which would allow access at any Location with a Code having an N in the first position and (cont.)<br />any other characters in the second and third. Likewise, a value of ".&nbsp;.&nbsp;L" would allow access at any Location (cont.)<br />Code ending in "L". The dot (.) is a "wild card" used to indicate that MAGEC is to ignore comparisons on that position. (cont.)<br />A value of ".&nbsp;.&nbsp;." would allow access at any Location.<br />## <br />Hold Codes<br />The profiles for Operators, Devices, and Function Codes each include a "Hold" or "Disable" code which may be set or (cont.)<br />reset by Security Officers in real-time. In many cases MAGEC might automatically set a "Hold" in a profile also as (cont.)<br />discussed above. An Operator whose Hold Code is set to Y may be said to be "suspended".<br />## <br />Authorization Levels<br />An Authorization Level is expressed as a one-digit number from 0 through 9 inclusive, 0 being the lowest and 9 being (cont.)<br />highest. Each Function code (FCD) profile includes a Test Authorization Level and a Production Authorization Level for (cont.)<br />that Function Code. Remember, too, that each Function Code must belong to one (no more, no fewer) Logical (cont.)<br />Application.<br />The Operator's profile includes up-to 50 Authorization Levels, one for each Logical Application (LAP). The Device (cont.)<br />profile also includes up-to 50 such Authorization Levels, one per LAP. When an Operator Logs On to a Device, MAGEC (cont.)<br />saves his list of Authorization Levels for this session. In each LAP it saves the lower of either the Operator's or the (cont.)<br />Device's authorization level.<br />As each online transaction is received, MAGEC compares the Authorization Level for the Function Code (either Test or (cont.)<br />Production, depending upon User-View) against the corresponding saved Authorization Level (for this session) for the (cont.)<br />LAP to which the Function Code belongs.<br /># <br />Other Features<br />## <br />Custom Security Within MMP<br />Before MAGEC passes control to an MMP, it fills in an area near the top of the TWA (Task Work Area) named: (cont.)<br />TWA-SECURITY-DATA. That area contains information about the Operator and Terminal, including Location, Authorization (cont.)<br />Levels, the Logical Application of this transaction's Function Code, Group ID, and other security data. The MMP is free (cont.)<br />to interrogate this area and to restrict Operator access to, say, certain fields or certain values in certain (cont.)<br />fields.<br />## <br />Protection Against Program Violations<br />When an operator successfully logs on, MAGEC saves the necessary security data (Authorization Levels, etc.) into main (cont.)<br />memory in order to avoid having to re-read it for each subsequent transaction. MAGEC recognizes that main memory is (cont.)<br />ordinarily vulnerable to corruption by programs which might accidentally or deliberately alter it. In order to protect (cont.)<br />against possible Security Violations, MAGEC senses any change in the sensitive portion of memory and aborts the (cont.)<br />offending task with a message. It also logs off the operator who initiated that task and issues a marginally polite (cont.)<br />message.<br />## <br />Passwords on Library Members<br />In order to prevent unauthorized users from modifying any given member on the MAGEC Librarian, a Password facility is (cont.)<br />built in. Any user who is authorized to access and update a given member can also set a Password for it. Thereafter, (cont.)<br />only that user and others who know the Password can update that member. Refer to the "Librarian" chapter for more (cont.)<br />information.<br />## <br />VERZUN - Version Verification<br />A Security Officer might wish to know if and when a given application was last modified. This is especially valid when (cont.)<br />there is a suspicion that a production application was used to violate security restrictions or to access data which (cont.)<br />should not have been accessed. Because of MAGEC's central active dictionary, version numbers and date-changed (cont.)<br />information is always available; however, since an application consists of many different entities, the task of (cont.)<br />verifying versions could become tedious. MAGEC includes a special Version Verification function to take the drudgery (cont.)<br />out of the job. To execute it (online), enter the command: VERZUN MSKxxx, or VERZUN MMPyyy. Where xxx = Mask number, or (cont.)<br />yyy = MMP number.<br />The VERZUN function will produce a display showing (regardless which format of the command you chose) the status and (cont.)<br />versions for the load library member of the program, the screen Mask, the dictionary specifications used to create the (cont.)<br />Mask and program, the copybooks included into the program when it was compiled, and so forth. This accomplishes in one (cont.)<br />stroke what would take an average of ten or more individual transactions.<br /># <br />Audit Trails<br />## <br />Database Records<br />The database administrator (DBA), in defining files to MAGEC, specifies for each file whether or not its records (cont.)<br />include an Audit Stamp. An Audit Stamp is a 36-byte Element (portion of a record) which is used to note Who, When, (cont.)<br />Where, and What program last updated/added this record. If a file is specified as having Audit Stamps, MAGECIO (MAGEC's (cont.)<br />I/O module) will automatically maintain them as the online MMP's and batch MBP's (MAGEC Batch Programs) update the (cont.)<br />file. If a file does have Audit Stamps then it may also be specified for "Pseudo Deleting". In that case MAGECIO will (cont.)<br />update a "Delete Flag" in the Audit Stamp instead of actually deleting the record when an MMP or MBP requests a delete. (cont.)<br />Thereafter, MAGECIO will simulate a "NOT FOUND" condition whenever a program tries to read that record. The record will (cont.)<br />remain on file intact indefinitely until an application program is run to "Purge" flagged records to a history file (cont.)<br />(tape) and physically delete them. It is the responsibility of the application developers to provide such a Purge (cont.)<br />program. In cases where the data is extremely sensitive it is worthwhile to provide such protection for deleted (cont.)<br />data.<br />## <br />Online Activity<br />The MAGEC Activity Logging (MAL) facility is provided to produce a record of online activity (mainframe versions of (cont.)<br />MAGEC, only) for use in System Tuning, User Chargeback, and Security activities. A system global parameter specified in (cont.)<br />the MAGEC paramaters table (Table #243) determines whether this feature is activated or not. The Logging is done in the (cont.)<br />resident MAGEC nucleus and may be activated or deactivated by changing the global parameter (named "MAG-ACT-LOG" in (cont.)<br />Table #243) and issuing the **LOAD command at any time. Since there is usually a complete MAGEC system installed for (cont.)<br />Test and another for Production, MAL may be activated for either, both, or neither as needs dictate. The MAGEC nucleus (cont.)<br />consists of the modules MAGECCP and MAGECIO.<br />If the feature is activated, statistics will be recorded for Functions, Terminals, and Operators. The statistics (cont.)<br />captured include detailed I/O counts, transaction counts, and error counts. An offline (batch) utility program (cont.)<br />(MALUTIL) is provided to extract statistics from the Log file (MAL file) and append them to a cumulative Log tape. This (cont.)<br />may be done on any desired frequency without losing any data. A utility reporting program is also provided (MALRPT) (cont.)<br />which produces a variety of reports from the tape file. Detailed or summarized figures may be reported in a variety of (cont.)<br />sequences and with consolidation capabilities. Summaries of activity by Location and by Logical Application may be (cont.)<br />produced. Potential Security violations will be highlighted on the report.<br />Online inquiry Functions are provided for Security Officers and other concerned parties to view MAL statistics as the (cont.)<br />system is running. In seconds, the Security Officer can see who may do any Function (WHOMAY function code), or who did (cont.)<br />do any Function (WHODID function code), or peruse Operator activity (OPRACT function code).<br /># <br />Dictionary Maintenance<br />All the Security parameters are stored on MAGEC Dictionary files and maintained online via real-time Functions. (cont.)<br />&nbsp;In most cases the standard set of nine Functions is provided against each type of data, the standard functions (cont.)<br />are:<br />xxxADD Add a record to the file<br />xxxDEL Delete a record from the file<br />xxxCHG Change a record on the file<br />xxxSEE See a record on the file<br />xxxNXT See the next record<br />xxxDUP Duplicate a record<br />xxxLOC Locate a record (browse)<br />xxxSCN Scan for selected records<br />xxxFND Find records meeting selection criteria<br />In all cases there is full online documentation for all Functions. The Security Officer who requires assistance may (cont.)<br />reference this chapter and/or review the online documentation. To see the online documentation for any MAGEC Function (cont.)<br />just enter the Function Code, when the screen returns (in the proper format for that Function) then press PF1 (F1 on a (cont.)<br />PC), the universal MAGEC "HELP" key. When entering the desired Function Code (in upper left corner of the screen) it is (cont.)<br />a good idea to clear the screen key area, SKEY (immediately following Function Code) to spaces so that MAGEC will not (cont.)<br />think that you have mis-entered the key and, therefore, present the key analysis rather than the function-level HELP (cont.)<br />text.<br />While doing these (or any) Functions, entry errors will be noted by Error messages presented on the last three lines of (cont.)<br />the screen. Pressing the HELP key while Error messages are shown will result in MAGEC's displaying documentation for (cont.)<br />those Error messages instead of for the Function Code. Also, it is possible that there might be a "Broadcast Message" (cont.)<br />which MAGEC "thinks" the Terminal Operator has not yet seen. In that case there would be a "Notification" on the last (cont.)<br />line of the screen, pressing HELP then would result in a display of the "Broadcast Message" instead of documentation (cont.)<br />for the Function. The Notification will disappear after the Broadcast Message has been seen and the HELP key will (cont.)<br />revert to its usual purpose.<br />The Functions ending in LOC, SCN, or FND are browse Functions. From any browse Function screen the cursor may be used (cont.)<br />to select an item. By positioning the cursor on the line of the screen on which an item is listed and pressing the (cont.)<br />ENTER key (large plus key, on a PC) control will transfer to the SEE (full screen display) Function for the selected (cont.)<br />item. Pressing PF4 (F4, on a PC) instead of ENTER will pass control to the CHG (update) Function.<br />The MAGEC Menu Facility may be used to access any of the Security Maintenance Functions by entering a Function Code of: (cont.)<br />**MENU. When the MAIN MENU appears the cursor may be moved down to select the *Security System Logical Application (cont.)<br />(49)* second-level Menu. The second-level menu shows a list of functions and groups of functions which are part of the (cont.)<br />security system and for which you are authorized. You can cursor-select one of these items. If you select an individual (cont.)<br />function, you will be transferred to its screen immediately. If you select a group, you will be transferred to a (cont.)<br />low-level menu for that group. You may then select a function from the group.<br /># <br />Security Officers<br />There are two levels of Security Officers, Central Security Officers and Local Security Officers. The determination of (cont.)<br />which type one is is solely a factor of the Authorization Level He/She possesses in the Security System Logical (cont.)<br />Application (49) on the SIF profile. Operators with a Level of 9 in LAP 49 are, by definition, Central Security (cont.)<br />Officers. Those with a Level of 8 are, by definition, Local Security Officers. Operators having a Level 0 through 7 in (cont.)<br />LAP 49 are *not * Security Officers at all.<br />A Central Security Officer has virtually unrestricted access to any MAGEC Function and any MAGEC User View. Many of the (cont.)<br />restrictions which limit ordinary Operators are summarily bypassed when a Central Security Officer Logs On. Needless to (cont.)<br />say, there should be a limited number of Central Security Officers and their Passwords should be carefully (cont.)<br />guarded.<br />A Local Security Officer has the ability to do maintenance Functions to the Dictionary profiles which control security, (cont.)<br />*but only within certain limitations.* The Local Officer can inquire into almost all the security profiles but will be (cont.)<br />able to update only those for his/her Location. Passwords will be suppressed from all displays except for Operators at (cont.)<br />the same Location. Local Officers may update Device profiles only for Devices at that Location, and Function Code (cont.)<br />profiles may be updated only if the Local Officer's Authorization would allow access to them.<br />When a (SIF) profile for a Security Officer is displayed on the screen, a heading will be displayed on the right half (cont.)<br />of the top line of the screen (SCOMPL). The heading will say either CENTRAL SECURITY OFFICER or LOCAL SECURITY OFFICER (cont.)<br />as appropriate. If the Operator is Suspended or Terminated, whether a Security Officer or not, SCOMPL will contain a (cont.)<br />message saying so.<br /># <br />Compatibility<br />## <br />Co-Existence with Other Security<br />The MAGEC Security System does not interfere with any other System which may be installed. It does not involve any (cont.)<br />alterations to the TP Monitor or Operating System software. It is totally acceptable to use the MAGEC Security system (cont.)<br />and also continue using another security system as well to control access to Trans-ID's.<br />## <br />Automatic Log On<br />You can interface between MAGEC and an external security system, One way of doing that is to use the interface program (cont.)<br />provided with MAGEC to extract security ID's from some other security system and to automatically log the Operator onto (cont.)<br />MAGEC. This means that the Operator never sees the MAGEC Log On screen, but full security protection is still afforded. (cont.)<br />The interface program is a Cobol program for which source code is available. The interface program is named MAGLOGON. (cont.)<br />It enables interfaces to TopSecret, RACF, ACF2, Novell NetWare, and even to home-grown security (cont.)<br />systems.<br />A trans-id of MAGL is provided to invoke the Automatic Log On facility which provides the same functionality on either (cont.)<br />a mainframe or on a Novell network. Also refer the the topic "Auto Log On" later in this section<br />## <br />MAGEC Security as the Master<br />Another approach is to allow the MAGEC security system to be the controlling, or master, system for all online (cont.)<br />applications, MAGEC or non-MAGEC. This is done using the transfer-in, transfer-out utilities provided with MAGEC (cont.)<br />(MAGXFRIN, MAGXFROT) to seamlessly transfer control back and forth between MAGEC and non-MAGEC programs. You can then (cont.)<br />write a simple dispatcher, or menu, program in MAGEC which governs access to external Trans-ID's based upon Operator ID (cont.)<br />and authorization levels.<br />## <br />Dynamic Calls to External Security<br />Yet another architecture is provided to interface with external security systems. You can specify that MAGEC is to (cont.)<br />issue a call to an external security module *after* doing any appropriate security checking against the intrinsic MAGEC (cont.)<br />security parameters. This enables you to code a program which accesses any other security system and makes a (cont.)<br /><br />next: sec03.md.txt