Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
CA IDMS Security Technical Implementation Guide
SRG-APP-000340-DB-000304
SRG-APP-000340-DB-000304
An XCCDF Group - A logical subset of the XCCDF Benchmark
Details
Profiles
Prose
SRG-APP-000340-DB-000304
1 Rule
<GroupDescription></GroupDescription>
IDMS must prevent users without the appropriate access from executing privileged functions or tasks within the IDMS environment.
Medium Severity
<VulnDiscussion>In general, all functions within IDMS can be controlled, therefore it is up to the IDMS system administrator to determine which functions or tasks are secured or require proper authorization. Any function within the IDMS environment can be considered privileged if the administrator deems it appropriate. Access to different functions is protected through a number of load modules that are generated from assembler macros. The load modules are RHDCSRTT, IDMSCTAB, and IDMSUTAB. The related assembler macros are #SECRTT, #CTABGEN, and #UTABGEN. The #SECRTT macro is used to define different functions to the ESM so that they can be secured. The #UTABGEN macro is used to secure specific OCF/BCF commands. The #CTABGEN macro is used to secure DCMT commands. IDMS provides several tasks, programs and data sets that, in the wrong hands, could allow access to sensitive data or give access to make detrimental changes. These tasks, programs and data sets should be deemed privileged and protected from unauthorized users.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>