mainframes banner

ClearPath Mainframe Servers - Secure Connectivity Access Control and Authorization

Access control is closely related to authorization, which establishes users’ rights. Access control provides controlled resource access that’s based on user identity, including the protection of files that you must shield from prying eyes and malicious or unintentional modification.


Authorization is the security practice of permitting access to systems and files through applied security policies and file access restrictions.


Authorization also controls administrative tasks such as:

  • Backup and restore
  • Adding and assigning privileges to other users
  • Allowing certain operational tasks to be performed remotely

Flexible Access Control

The security protections you implement depend on your requirements, particularly your evaluation of the trade-offs. Security is always a trade-off among:

  • Ease of use
  • Administration costs
  • Value of the data protected

ClearPath systems give you the flexibility you need to tailor your access control and make the appropriate trade-offs for your site. MCP offers a wide range of security protections: from minimal security to security that meets the more stringent requirements of financial institutions and government agencies. In fact, MCP access controls are superior to offerings found on most other operating systems.

 

Here are some of the access control solutions you might implement:

  • Public and Private Files
    When you want to let everyone read and write the files, you can create public files. On the other hand, you can also create private files that only you, their creator, can access.
  • Guard Files
    In addition to assigning general access controls to files such as public or private, many other, specific access controls can be assigned to a file. MCP Guard Files give you a way to apply additional access controls that can further restrict access to files.

A guard file is a separate, higher level of security that defines the rights of various users and programs to access programs, data files and databases. A guard file can contain one or more access rules, which are all applied to the file that the guard file is assigned to protect. A single guard file can be applied to more than one file (so the same access rules are applied to many files.)


When a file is protected by a guard file, the system examines the access rules in the guard file to determine the access rights to the protected file.
Is it right for your business?
Contact Unisys