System Command Control
Locum's System Command Control implementation (CENSOR) is a module of the Safe & Secure package and allows the Security Administrator to delegate the use of specific system commands to selected users. CENSOR is designed to reduce the requirements for privileged or systemuser usercodes on a system. By allowing delegation of ODT functionality, but maintaining accountability and security restriction, CENSOR helps resolve daily security concerns in both large and small Unisys ClearPath MCP environments.
Delegation of System Commands
System commands may be delegated to users as 'interrogation only', thus restricting update functionality.
Allocation to Usercode or Accesscode
The allocation of system commands is accomplished through a hierarchical structure. For example, some inquiry commands may be open to all users, whilst more powerful commands may be made available on an individual basis.
Verification of Identity
The Security Administrator may optionally enforce the confirmation of the user's identity when sensitive commands are input, by requesting the user's password. This alleviates the potential security problem which arises when a user who is permitted to use sensitive or 'dangerous' system commands, leaves a workstation unattended.
Audit and Reporting
The user's identity is logged to the system log together with the command used and the station name. Successful and failed confirmations are also logged for those commands requiring verification of the user's identity.
CENSOR allows the Security Administrator to establish a two-character code for the CENSOR Marc directive. The user interface to CENSOR is via input on MARC's action line of the two-character code established for the directive. By prefixing the system or COMS command by the two-character code, users are able to use the commands for which they are authorised.
The optional module ODTCONTROL operates by restricting system commands. Thereafter, only a usercode with the necessary privilege may use the specified restricted commands. Locum's System Command Control (CENSOR), operates by authorising system commands to non-privileged users. In a mixed CENSOR and ODTCONTROL environment, CENSOR recognises and supports the ODTCONTROL software product.