top - download
⟦53a3bd624⟧ Wang Wps File
Length: 14605 (0x390d)
Types: Wang Wps File
Notes: FIKS SPU PSP
Names: »5020A «
Derivation
└─⟦1f5010eea⟧ Bits:30006143 8" Wang WCS floppy, CR 0473A
└─ ⟦this⟧ »5020A «
WangText
…00……00…>…86…1
…02…
…02…
…02…
…02…
5020A/473A…86…1
…02…
…02…
…02…
…02…FIX/1161/PSP/0095
…02…APE/890608…02……02…ii
SPU
SUBSYSTEM
PRODUCT
SPECIFICATION
…02…REV/840430…02……02…FIKS
…06…1 …02… …02… …02… …02… …02…
FIKS SPU SUBSYSTEM PSP
FIX/1161/PSP/0095
AK
FMK
…0e…FMK (5), AK (4)
FIKS
Prgrm.Mgr.
…0e…1.1…0f…
890608
REVISION RECORD
REVISION RECORD
REVISION RECORD
REVISION RECORD
REVISION RECORD
̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲
̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲…06…1 …02… …02… …02…
ISSUE DATE PAGES BRIEF
DESCRIPTION
OF
CHANGE
ISSUE DATE PAGES BRIEF
DESCRIPTION
OF
CHANGE
ISSUE DATE PAGES BRIEF
DESCRIPTION
OF
CHANGE
ISSUE DATE PAGES BRIEF
DESCRIPTION
OF
CHANGE
ISSUE DATE PAGES BRIEF
DESCRIPTION
OF
CHANGE
AFFECTED
AFFECTED
AFFECTED
AFFECTED
AFFECTED
̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲
̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ^ ^
^
1 ^840430 ^ All ^
First
issue
of
document.
^ ^ ^
1.1 ^890608 ^ DCN 1 ^
Changed
in
accordance
with
Order
no:
31/88
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
^ ^ ^
T̲A̲B̲L̲E̲ ̲O̲F̲ ̲C̲O̲N̲T̲E̲N̲T̲S̲
1 SCOPE ........................................
01
1.1 INTRODUCTION .............................
01
1.2 ABBREVIATIONS ............................
01
2 APPLICABLE DOCUMENTS .........................
02
3 MODULE SPECIFICATIONS ........................
03
3.1 FUNCTIONAL CAPABILITIES ................
03
3.1.1 Maintenance of the USP-file ........
03
3.1.2 Display of the USER-ID's ...........
03
3.2 INTERFACE DESCRIPTION ..................
04
3.3 PROCESSING .............................
05
3.3.1 DSS Command ........................
06
3.3.2 DSI Command ........................
08
3.4 DATA ORGANIZATION ......................
09
3.5 STORAGE ALLOCATION .....................
10
3.6 PERFORMANCE CHARACTERISTICS ............
10
3.7 LIMITATIONS ............................
10
3.8 ERROR CODES/ERROR LOCATIONS ............
11
3.9 PREPARATIONS FOR DELIVERY ..............
13
1 S̲C̲O̲P̲E̲
This document contains a function description, and
an AS-built product specification of the SPU-subsystem.
1.1 I̲N̲T̲R̲O̲D̲U̲C̲T̲I̲O̲N̲
The SPU-subsystem is used exclusively by the SCC-supervisor
to maintain the USP-file (User Security Profile-file)
on the SCC, and the Supervisor Security Profile on
the MEDE's.
Each terminal operator's access to system resources
shall be authorized by reference to the User Security
Profile (USP). The contents of the USP specifies the
priviliges accorded to the terminal operator who has
been authenticated for proper userid and password.
Contents of USP shall provide the following data:
- Userid
Used for log on/off and security authentication
- Password
Log on/log off password
- Classification
Identify the clearance of the user
- Special password
Used for special authentication for Special
Handling of messeges
1.2 A̲B̲B̲R̲E̲V̲I̲A̲T̲I̲O̲N̲S̲
Please refer to (2) section 1.2 ABBREVIATIONS.
2 A̲P̲P̲L̲I̲C̲A̲B̲L̲E̲ ̲D̲O̲C̲U̲M̲E̲N̲T̲S̲
1: FIX/0000/SPC/0002 FIKS REQUIREMENTS
SPECIFICATION
2: FIX/0100/MAN/0004 FIKS DATA I/F
REFERENCE
3: FIX/1256/PSP/0050 GETUSP Monitor PSP
4: FIX/1266/PSP/0089 SCCM Subsystem PSP
5: FIX/1200/PSP/0042 FIKS FILEGENERATORS PSP
6: FIX/1161/PSP/0071 NOP Subsystem PSP
7: FXA/SDS/008 SDS for Minor FIKS Updates
3 M̲O̲D̲U̲L̲E̲ ̲S̲P̲E̲C̲I̲F̲I̲C̲A̲T̲I̲O̲N̲S̲
3.1 F̲U̲N̲C̲T̲I̲O̲N̲A̲L̲ ̲ ̲C̲A̲P̲A̲B̲I̲L̲I̲T̲I̲E̲S̲
SPU is waken by a signal, which indicates that the
USP-file has to be maintained, or the USER-ID's has
to be displayed - below are shown the possible events.
3.1.1 M̲a̲i̲n̲t̲e̲n̲a̲n̲c̲e̲ ̲o̲f̲ ̲t̲h̲e̲ ̲U̲S̲P̲-̲f̲i̲l̲e̲
o Insert a new Security Profile.
o Delete an existing Security Profile.
o Change an existing Security Profile.
o Accept the maintenance, else wait for a new signal
(event).
o Create a message about the event and enqueue it
to the Event-log-queue.
o Create a message about the event and write it into
the Critical Region TABUPD.
o If it is a MEDE-Supervisor in question, the new
security Profile are distributed to the USP on
the MEDE in question.
o Wait for a new signal (event)
3.1.2 D̲i̲s̲p̲l̲a̲y̲ ̲o̲f̲ ̲t̲h̲e̲ ̲U̲S̲E̲R̲-̲I̲D̲'̲s̲
o Read the USP into an I-O-BUffer.
o Format the I-O-Buffer, which means that each line
contains 14 USER-ID's.
o Display the formatted I-O-Buffer on the VDU.
o Create a message about the event and enqueue it
to the Event-log-queue.
o Wait for a new signal (event).
3.2 I̲N̲T̲E̲R̲F̲A̲C̲E̲ ̲D̲E̲S̲C̲R̲I̲P̲T̲I̲O̲N̲
These are interfaces to the below shown subsystems:
TEPINT ---- SPU
SPU ---- NOP
Please refer to:
FIX/1266/PSP/0089 SCCM SUBSYSTEM PSP
FIX/1161/PSP/0071 NOP SUBSYSTEM PSP
FIX/1256/PSP/0050 GETUSP MONITOR PSP
3.3 P̲R̲O̲C̲E̲S̲S̲I̲N̲G̲
Any time an update of a security profile or a display
of user-id's has to be done, SPU is entered.
When SPU is entered a promptext is issued to the operator,
and a DSS, DSI or XIT command is expected.
If it is a DDS or DSI command, a promptext is issued
to the operator, and an N/M-id is expected.
If the command XIT is given, it means that the operator
wants to leave the SPU, after finishing an update or
display.
3.3.1 D̲S̲S̲ ̲C̲o̲m̲m̲a̲n̲d̲
After a legal N/M-id (A, B, E, F, H, K, L, N, P, and
Q) is received, a promptext is issued to the operator,
and an USER-ID is expected.
The USER-ID is looked up in the file USPx (x is equal
to the N/M-id), the USER-ID must not be a SCC-super-
visor USER-ID.
If the USER-ID is found and legal, the profile is displayed
in this format:
w xx ???????? ???????? "SH-password existing
(or)
w xx ???????? "SH-password not existing
Where:
w: User type (S, A or N)
xx: Classification (An ASCII string
between 00 and 14)
If the prompt is *CR it means that the profile has
to be deleted.
If the operator wants to change the profile, the changes
must be made in the displayed profile and the profile
is returned to SPU.
If the USER-ID is not found, a dummy profile filled
with x is displayed, if it is an insertion of a new
profile the x'es in the fields must be exchanged with
proper data, and the profile is returned to SPU.
When SPU receives the profile the contents of the fields
are checked, and if any error is found the profile
is displayed again with an errorcode which indicates
the field where the error is found.
It is not possible (prohibited) to manipulate a SCC-Supervisor-profile,
this must be made during creation of the USP-file.
If the update, delete or insertion of a profile can
be made , an accept from the operator is demanded,
if the accept id given; a message containing the information
about the operator, USER-ID, N/M-id and DTG for the
event is enqueued to the Event-queue for logging on
the Event-log.
The passwords are scrambled by use of the SPA-process
as specified in ref(7), sec. 3.3.2. The location in
the line at the VDU-display where the passwords were
keyed-in are cleared (overwritten with '*'-characters).
The USER-ID and profile is placed in the critical region
TABUPD and a message is sent to the NOP-subsystem that
distributes the contents of TABUPD.
3.3.2 D̲S̲I̲ ̲C̲o̲m̲m̲a̲n̲d̲
The file USPx (x is equal to the N/M id) is read, and
all the USER-ID's are selected and edited in a buffer
this buffer is dimensioned to 20 lines of each 14 USER-ID's.
The buffer is then output on a VDU.
After finishing the display, a message containing the
information about the operator, NM-id and DTG for the
event is enqueued to the Event-queue for logging on
the Event-log.
3.4…02…D̲A̲T̲A̲ ̲O̲R̲G̲A̲N̲I̲Z̲A̲T̲I̲O̲N̲
…02…Please refer to FIKS DATA INTERFACE REF. (2).
3.5…02…S̲T̲O̲R̲A̲G̲E̲ ̲A̲L̲L̲O̲C̲A̲T̲I̲O̲N̲
Program size: 1100 words.
Process size: 1300 words.
3.6 P̲E̲R̲F̲O̲R̲M̲A̲N̲C̲E̲ ̲C̲H̲A̲R̲A̲C̲T̲E̲R̲I̲S̲T̲I̲C̲S̲
N/A
3.7 L̲I̲M̲I̲T̲A̲T̲I̲O̲N̲S̲
THe SPU-subsystem is only used in connection with SCC-software.
The SCC-supervisor is the only personnel allowed to
use the SPU-subsystem, and the SCC-supervisor is not
allowed to change his own Security Profile, this can
only be done offline during initial load of the USP-file.
3.8 E̲R̲R̲O̲R̲ ̲C̲O̲D̲E̲S̲/̲E̲R̲R̲O̲R̲ ̲L̲O̲C̲A̲T̲I̲O̲N̲S̲
L̲A̲B̲E̲L̲ ̲ ̲ ̲R̲A̲I̲S̲E̲D̲ ̲B̲Y̲ ̲(̲C̲A̲L̲L̲ ̲O̲F̲F̲)̲ ̲C̲O̲M̲M̲E̲N̲T̲S̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲ ̲
̲ ̲ ̲ ̲ ̲ ̲
0 VDUIO In procedure DISPLAY ̲ERR
1 MTCBMINIT
2 VDUIO Issue prompt CMND
3 VDUIO Issue prompt NM ̲ID
4 VDUIO Issue prompt USER ̲ID
5 READ ̲USP I-O-Error at access to
USPx
6 VDUIO Display profile
7 VDUIO Issue prompt
8 VDUIO Issue prompt ACCEPT
9 FIND ̲USP ̲SPU Look up USPx
10 MON (IO, READBYTES USPx
11 MON (IO, DISMANTLE USPx
12 FORMAT ̲BUFFER Empty USPx
13 VDUIO Display user id's
14 INSERT ̲MTCB Enqueue to Eventqueue
15 INSERT ̲QE Enqueue to Eventqueue
16 MON (REGION, RENTER TABUPD
17 MON (REGION, RPUTN TABUPD
18 MON (REGION, RLEAVE TABUPD
The following codes are displayed, in case of syntax-
or semantic errors:
1. Syntax error
2. Unknown command
3. Conflict between insert or delete
4. Illegal user type
5. Illegal classification
6. Illegal special handling password
7. USPx exhausted
8. User is a SCC-supervisor
9. Illegal Node/Mede Id
10. USPx is empty
3.9 P̲R̲E̲P̲A̲R̲A̲T̲I̲O̲N̲S̲ ̲F̲O̲R̲ ̲D̲E̲L̲I̲V̲E̲R̲Y̲
o Copy the source directory into a work directory
o Activate the command file SPU.CRO
o Activate the command file SPU.CP
o Activate the command file SPU.LO
If this can be done without any suprises, then you
must LOG you ON under SYS or SYS1 and USE:
a * FIXLIX * FIX-SOURCE.D * SPU.D
o Correct the command file TO ̲NEW ̲SPU.D due to he
DELIVERY TO FIXLIB notice
o Activate the command file TO ̲NEW ̲SPU.D.
