Sony Trinitron WEGA KV-DZ29M91, Service Manual, Page: 70 / 170

XYGATE
®
Data Protection
™
Reference Manual
Chapter 7. What-if Testing
XYPRO Technology Corporation
50
Proprietary and Confidential
FILEDEF XDPENCR2,TYPEU,TYPEKPA,FORT2DEC,miketest
DESCRIPTION "Test ACL for XDP"
TRANSLATE_ERROR_CODES_TO_100 OFF
! The files or sets of files that we are allowed to access.
MASK $SYSTEM.XDPTEST.ENCRFILE
! Requestors
REQUESTOR $SYSTEM.XYGATEDP.*
OPERATION ENCRYPT,DECRYPT
! Access type granted.
ACL $JUSTME *
ACL $JUSTONE (deny encrypt)
! Other Keywords.
PROCESS_AS_ACL
AUDIT_ACCESS_PASS ON ! Audit Successes?
AUDIT_ACCESS_FAIL ON ! Audit Fails?
WARNING_MODE ON
Sample DPCONF file:
AUDIT $SYSTEM.XYGATEDP.AUDIT
AUDIT $qa0 EMS CONSOLEPRINT
PRIORITY 120
HOMETERM $VHS
AUDIT_ACCESS_PASS ON
AUDIT_ACCESS_FAIL ON
WARNING_MODE ON
PERUSE_OBJECT $SYSTEM.XYGATESP.PERUSE
COLLECTOR $S
COMPANY_NAME "XYPRO Technology Corporation"
In Example 1 below, the ACCESS evaluates to NO, and the result is then converted to
YES due to warning mode. This conversion can distort expected results when testing
is occurring.
Example 1: Testing Access Rules
$SYSTEM XYGATEDP 177> run xygatedp explain
XYGATEDP XYPRO Technology Corporation \N1 20991231
DPCONF CHECKSUM 1750165851 ($SYSTEM.XYGATEDP.DPCONF)
DPACL CHECKSUM 1613910580 ($SYSTEM.XYGATEDP.dpacl)
Explain mode on
Access check:
encrypt encryptedfile $SYSTEM.xdptest.encrfile $SYSTEM.XYGATEDP.wr
qatstsw.mgr
Objecttype = 00098 (ENCRYPTEDFILE) for $SYSTEM.XDPTEST.ENCRFILE
Operation = 00312 (OPEN) Modifier = 00002 (ENCRYPT)
Subject 183,255 QATSTSW.MGR Requestor $NONE $SYSTEM.XYGATEDP.WR
DPGROUP GUARDIAN Requestor 00003 matched ^\$SYSTEM\.XYGATEDP\..*$
DPGROUP GUARDIAN Mask 00001 matched ^\$SYSTEM\.XDPTEST\.ENCRFILE$
DPGROUP GUARDIAN Selection criteria satisfied
DPGROUP GUARDIAN User(002)/access(001) found
DPGROUP GUARDIAN Access NO
DPGROUP GUARDIAN Result converted to NORECORD due to warning mode
DPGROUP GUARDIAN Replying with access NORECORD
Access result - YES using DPGROUP GUARDIAN
Access check:
To see the result as if XDP was live, use the IGNOREWARNING interactive keyword
described in
section 7.11.8 on page 61. This command overrides the state of the