CA TPX Session Management for z/OS

Tuesday Tipp: How to secure Password in Batch transfers?

  • 1.  Tuesday Tipp: How to secure Password in Batch transfers?

    Posted 02-12-2015 10:15 AM

    When you do a transfer from XCOM on z/OS you need to specify the userid and password in the Job. If you do not want to use trusted transfer you need to specify userid and password. But how to secure that?
    Well, there is this circumvention available:
    1. Remove Parameters USERID= and PASSWORD= fron the SYSIN01 and store it in a separate member. Then concatenate that

        member behind DD-Card SYSIN01 as follows:

     

      //SYSIN01 DD *
       IPNAME=nnn.nnn.nnn.nnn
       IPPORT=8044
       TYPE=SEND
       FILETYPE=FILE
       FILEOPT=REPLACE
       LFILE=AAA.BBB.CCC
       FILE=/aaa/bbb/ccc.txt
       ...
      /*
      // DD DISP=SHR,DSN=DDD.EEE.FFF(USERPASS)

     

    2. You can encrypt the password in that member by using the XCOMENCR job provided in the CBXGLOAD dataset. This will

        replace the readeable password by an encrypted one. XCOM is able to interprete that encrypted password.

    3. You can restrict access to the dataset (in this example 'DDD.EEE.FFF') to a small number of users.