SECOM is a command management and session control tool. It enforces a sharp differentiation between:
and provides a method for separation and segregation of duties.
Normally, individual users must logon to a function to perform tasks on behalf of the function. For example:
Logging on to a function has several drawbacks:
The only Tandem based solution available today to address these types of problems is to use PROGIDed programs, where programs have a SAFEGUARD ACL to protect them against misuse. But the management of PROGIDed software is itself problematic, especially when a GUARDIAN release change has to be performed.
An additional point for concern is that accessing a program (FUP, SQLCI) means having access to all of the program?s functions. For example: to 'UP' a disk volume, the program PUP must be started with a SUPER-group ID. But running PUP with a SUPER-group ID also allows the user to 'DOWN' a disk.
The SECOM Solution
SECOM provides a solution. You can quickly and effectively administer command management and session control across a network from a single system.
Manage SECOM with the browser based management system iWAMS, the integrated Web Administration Management Suite.
iWAMS allows the central management of GreenHouse products within an EXPAND network, where the manager can switch between nodes without the need to re-logon, and a context sensitive switch between products.
Traced SECOM command SUPERTACL and evaluation of input/output session data with iWAMS:
Download product information of Secure Command Manager (SECOM)