Data set header security section

Header Fields

Contains information for identifying the owner or submitter associated with the data set. Treat information in this section as a token interpreted by the security component of the trusted computer base.

Has an identifier field of X’8C’ and a modifier field of X’00’. Can be built as part of a created NJE work element (job or SYSOUT) or added to a forwarded work element.


NDHTLENP

Prefix subsection's length. You cannot change the value for this field.

Length, type, and range: 2 binary (4-32764)

Default value: 4

NDHTFLG0

Flag byte.

Length and type: 1 byte

Default value: 0

Contains this bit:

NDHTF0JB (bit 80 in NDHTFLG0 flag)

Indicates that the security section represents the owner of the NJE job. If not set indicates that the security section represents the submitter of the NJE job.

Type: bit 80

Default value: 0

NDHTVERS

Length of the security data subsection.

Length, type, and range: 1 binary (1-225)

Default value: X'01'

NDHTFLG1

Flag byte.

Length and type: 1 byte

Default value: 0

Contains these bits:

NDHT1EN (80 bit in NDHTFLG1)

Indicates that the security section (from NDHTSTYP on) is encrypted. The encryption algorithm is private to the security product.

Type: bit 80

Default value: 0

NDHT1EXT (40 bit in NDHTFLG1)

Indicates the format of the security section. B'1' indicates external format used exclusively in NJE.

Type: bit 40

Default value: 1

NDHTSTYP

Security session Type and Range. A '7' indicates batch job Type and Range.

Length, type, and range: 1 binary (1-255)

Default value: X'07'

NDHTFLG2

Flag byte.

Length and type: 1 byte

Contains these bits:

NDHT2DFT (80 bit in NDHTFLG2)

Indicates security section data has not been verified by the security product at the node that created the security section. If not set, you can assume the security data was verified.

Type: bit 80

Default value: 1

NDHT2MLO (20 bit in NDHTFLG2)

Indicates required ML options were active at the node that created the security section.

Type: bit 20

Default value: 0

NDHT2SHI (10 bit in NDHTFLG2)

Indicates security data could not be verified at the node that created the security section.

Type: bit 10

Default value: 0

NDHT2TRS (8 bit in NDHTFLG2)

If set, the user to which this section applies is considered part of the trusted computer base.

Type: bit 8

Default value: 0

NDHT2SUS (4 bit in NDHTFLG2)

If set, the security data was obtained with a surrogate user at the creating node.

Type: bit 4

Default value: 0

NDHT2RMT (2 bit in NDHTFLG2)

Indicates the job or data set originated remotely.

Type: bit 2

Default value: 1

NDHTPOEX

Indicates the port of entry class index, which is defined as follows:

Length, type, and range: 1 binary (1-255)

Default value: X'03'

NDHTSECL

Security label associated with the user represented by this section.

Length, type, and range: 8 character (A-Z, 0-9)

Default value: none

NDHTCNOD

Node at which security section was generated.

Length, type, and range: 8 character (A-Z, 0-9)

Default value: none

NDHTSUSR

Submitting user's ID.

Length, type, and range: 8 character (A-Z, 0-9)

Default value: none

NDHTSNOD

Job submission node.

Length, type, and range: 8 character (A-Z, 0-9)

Default value: none

NDHTSGRP

Submitting user's group ID.

Length, type, and range: 8 character (A-Z, 0-9)

Default value: none

NDHTPOEN

Port of entry name at the creation node for the job creating this data set.

Length, type, and range: 8 character (A-Z, 0-9)

Default value: 0

NDHTOUSR

Security session owner's user ID.

Length, type, and range: 8 character (A-Z, 0-9)

Default value: none

NDHTOGRP

Security session owner's group ID.

Length, type, and range: 8 character (A-Z, 0-9)

Default value: blanks