About access attributes

Open-systems volumes, by default, are subject to read and write operations by open-systems hosts. With open-system volumes in this default condition, data might be damaged or lost if an open-systems host performs erroneous write operations. In addition, confidential data on open-systems volumes might be stolen if a malicious operator performs read operations on open-systems hosts.

Therefore, it is recommended that you change the default read and write conditions by assigning an access attribute to each logical volume. Access attributes can be set to read/write, read-only, or protect.

By assigning access attributes, you can:

• Protect a volume against both read and write operations of all hosts.

• Protect a volume against write operations of all hosts, but allow read operations.

• Protect a volume against erroneous copy operations, but allow other write operations.

• Prevent other users from configuring LU paths and command devices.

One of the following access attributes can be assigned to each logical volume:

• Read/write

If a logical volume has the read/write attribute, open-systems hosts can perform both read and write operations on the logical volume.

You can use replication software to copy data to logical volumes that have read/write attribute. However, if necessary, you can prevent copying data to logical volumes that have read/write attribute.

All open-systems volumes have the read/write attribute by default.

• Read-only

If a logical volume has the read-only access attribute, open-systems hosts can perform read operations but cannot perform write operations on the logical volume.

• Protect

If a logical volume has the protect access attribute, open-systems hosts cannot access the logical volume. Open-systems hosts cannot perform either read nor write operations on the logical volume.