Security Implementation

Before Control-M/Tape is started in PHASED mode, security definitions (for example, who is allowed to update Control-M/Tape rules, and who has access to the Online facility) should be specified.

Control-M/Tape security is implemented in two stages:

1. Customize the Control-M/Tape interface with your security product. Detailed information on this stage is provided in the INCONTROL for z/OS Security Guide.
2. Modify the Control-M/Tape Security exits so that they are compatible with your site configuration. The following Control-M/Tape security exits are provided:

   Table 8 Control-M/Tape Security Exits

   Exit	Description
   CTTSE01	Checks authorization for ordering Control-M/Tape rules. This exit also checks if a user is authorized to activate procedure CTTINIT (used for Control-M/Tape initialization).
   CTTSE03	Checks authorization for file open requests and JCL parameters BLP and EXPDT=98000.
   CTTSE04	Checks authorization for dynamic definition of volumes (tapes) and data sets in the Media Database.
   CTTSE06	Checks authorization to update the Media Database through an online screen or a Control-M/Tape utility.
   CTTSE09	Checks authorization to print a tape label.

   For more information on Control-M/Tape security implementation, see the Control-M/Tape chapter in the INCONTROL for z/OS Security Guide.