← Back to z/OS TDMF for RACF Security Technical Implementation Guide

V-224541

CAT II (Medium)

Transparent Data Migration Facility (TDMF) configuration/parameter/option values are not specified properly.

Rule ID

SV-224541r1145284_rule

STIG

z/OS TDMF for RACF Security Technical Implementation Guide

Version

V7R2

CCIs

CCI-000381

Discussion

TDMF configuration/parameter/option settings control the security and operational characteristics of product. If these setting values are improperly specified, security and operational controls may be weakened. This exposure may threaten the availability of the product applications, and compromise the confidentiality of system and customer data.

Check Content

Have the products systems programmer display the configuration/parameters control statements used in the current running product to define or enable security.

If the following keywords specify the values in the TDMF security parameter member, this is not a finding.

Parameter Options:
VOLUME SECURITY = YES
CHECK TARGET EMPTY = YES

Session Options:
Volume Security is not available.
CHECKTarget|CHKTarget

Fix Text

The product systems programmer will verify that any configuration/parameters that are required to control the security of the product are properly configured and syntactically correct.
 
See the required parameters below:

Parameter Options:
VOLUME SECURITY = YES
CHECK TARGET EMPTY = YES

Session Options:
Volume Security is not available.
CHECKTarget|CHKTarget

Note: The ISSO will ensure that volume resource protection is defined to the ACP and access to volumes be given to the appropriate personnel.