There control blocks that describe each name/token pair and they are anchored in different places for the various scopes (system, ASID and task), but they are not an intended interface and any user should be calling the IEANTxx services to access them. There is currently no "query" service to retrieve all name/tokens - so the caller needs to be able to express the name part in order to get the associated token.
Note that there is an option to fail IEANTRT if the creator of the name/token was not authorized - this can help prevent spoofing. Obviously you should not have sensitive data in either the name or the token.. System software products sometimes use name/token to anchor themselves in the system, storing something like control block anchor addresses or PC routine numbers in the "token" part. Rob Scott Rocket Software -----Original Message----- From: IBM Mainframe Discussion List <[email protected]> On Behalf Of Richard Zierdt Sent: Sunday, December 8, 2024 11:07 PM To: [email protected] Subject: How Secure are Name/Token Pairs? IEANTCR / IEANTRT services EXTERNAL EMAIL Name/Token pairs are pretty useful, but how secure are they? If created on a system level (IEANTCR, IEANT_SYSTEM_LEVEL) could any address space access the pair if the name was known? I presume yes. How difficult is it to "guess" the name? Is there a control block chain of name/token pairs that any (authorized / unauthorized) program can "read" to see every name/token in the system, regardless of level, or just those pairs created with system level ? If no, and the pairs are safely hidden away and/or encrypted, then fine. If yes, then it's an open book, and care might be taken before putting sensitive data in the token. However, even if these pairs are an open book, the token could be encrypted by the creator. Same with the name. Just wondering Richard Zierdt Confidentiality Warning/Avertissement de confidentialité: This message is intended only for the named recipients. This message may contain information that is privileged or confidential. If you are not the named recipient, its employee or its agent, please notify us immediately and permanently destroy this message and any copies you may have. Ce message est destiné uniquement aux destinataires dûment nommés. Il peut contenir de l'information privilégiée ou confidentielle. Si vous n'êtes pas le destinataire dûment nommé, son employé ou son mandataire, veuillez nous aviser sans tarder et supprimer ce message ainsi que toute copie qui peut en avoir été faite. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ================================ Rocket Software, Inc. and subsidiaries ■ 77 Fourth Avenue, Waltham MA 02451 ■ Main Office Toll Free Number: +1 855.577.4323 Contact Customer Support: https://my.rocketsoftware.com/RocketCommunity/RCEmailSupport Unsubscribe from Marketing Messages/Manage Your Subscription Preferences - http://www.rocketsoftware.com/manage-your-email-preferences Privacy Policy - http://www.rocketsoftware.com/company/legal/privacy-policy ================================ This communication and any attachments may contain confidential information of Rocket Software, Inc. All unauthorized use, disclosure or distribution is prohibited. If you are not the intended recipient, please notify Rocket Software immediately and destroy all copies of this communication. Thank you. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
