Document revision date: 15 July 2002

access control entry (ACE): An entry in an access control list. Access control entries may specify identifiers and the access rights to be granted or denied to the holders of the identifiers, default protection for directories, or security alarm details.

access control list (ACL): Collection of entries that define the access rights a user or group has to a protected system object.

access control string: A series of 0 to 42 characters that contains login information to be sent to a remote node. On OpenVMS systems, an access control string usually consists of a user name, spaces or tabs, and a password.

account: Every user must have an account to use the system. The account is identified by the user's user name. Different accounts allow different levels of service from the system (for example, the privileges users hold, the times during which they can log in, and so on).

American Standard Code for Information Interchange (ASCII): A set of 8-bit binary numbers representing the alphabet, punctuation marks, numerals, and other special symbols used in text representation and communications protocol.

ASCII: See American Standard Code for Information Interchange.

assignment statement: In DCL, the association of a symbol name with a character string or numeric value. Symbols can define synonyms for system commands or can be used as variables in command procedures.

batch job: A program that is scheduled and executed under the control of the batch processing subsystem. Control input for a batch job comes from a command procedure stored on disk and output is directed to a disk file.

best-effort delivery: Network protocol that attempts to deliver data but does not try to recover if there is an error such as a line failure.

break-in attempt: An effort made by an unauthorized source to gain access to the system. Because the first system access is achieved through logging in, break-in attempts primarily refer to attempts to log in illegally. These attempts focus on supplying passwords for users known to have accounts on the system through informed guesses or other trial-and-error methods.

buffer: An internal memory area used for temporary storage of data records during input or output operations.

captive account: A type of OpenVMS account that limits the activities of the user. Typically, the user is restricted to using certain command procedures and commands. For example, the user may not be allowed to use the Ctrl/Y key sequence. This type of account is synonymous with a turnkey or a tied account.

central processing unit (CPU): The hardware that handles all calculating and routing of input and output as well as executing programs. In short, the CPU is the part of the computer that actually computes.

character string: A contiguous set of printable characters.

collating sequence: An order assigned to the characters of a character set (for example, ASCII, Multinational, or EBCDIC) used for sequencing purposes.

command: In DIGITAL Command Language (DCL), an instruction, generally an English word, entered by the user at a terminal or included in a command procedure. A command requests that the software monitoring a terminal or reading a command procedure perform some well-defined activity. For example, entering the COPY command requests that the system copy the contents of one file into another file.

command image: A program associated with and invoked by a DCL command.

command interpreter: A procedure-based system code that executes in supervisor mode in the context of a process to receive, to check the syntax of, and to parse commands entered by the user at a terminal or submitted in a command file.

command level: Input stream for the command interpreter. The initial input stream is always command level 0. An interactive command procedure begins executing at command level 1. A batch job command procedure begins executing at command level 0. You can use the execute procedure (@) command or the CALL command in a command procedure to create up to 32 nested command levels.

command parameter: The positional operand of a command delimited by spaces, such as a file specification, an option, or a constant.

command procedure: A file containing commands and data that the command interpreter can accept. Because command procedures provide a means of automatically passing commands to the operating system, users do not have to manually enter those commands at a terminal. In addition, command procedures permit users to employ such programming techniques as loops, counters, labels, and symbol substitution to set up elaborate command sequences that can be altered through user interaction. Command procedures can also be submitted to the system for processing as batch jobs.

command string: A line (or set of continued lines) containing a command and, optionally, information modifying the command. A command string consists of a command, its qualifiers, its parameters (file specifications, for example), and their qualifiers. A command string is normally terminated by pressing the Return key.

compound character: A combination of simple characters and characters from the extended character set.

concatenate: The act of linking files together in a series.

CPU: See central processing unit.

cursor: An indicator used on a monitor screen to point to a location on the screen.

data: A general term referring to any representation of facts, concepts, or instructions in a form suitable for communication, interpretation, or processing.

DCL (DIGITAL Command Language): A command interpreter in an OpenVMS system that provides a means of communication between the user and the operating system.

DECnet-Plus: Family of Compaq hardware and software products that implement the Digital Network Architecture (DNA) Phase V, which integrates OSI and DNA protocols. DECnet-Plus is compliant with OSI and compatible with DECnet Phase IV and TCP/IP.

default: A value or operation that is automatically included in a command, unless the user specifies otherwise. In most cases, default settings will be what is "normal" or "expected."

default directory: The directory that the OpenVMS operating system assumes when a directory specification has not been supplied by the user.

default disk: The disk from which the system reads and to which the system writes; by default, all files that you create. The default is used whenever a file specification in a command does not explicitly name a device.

delimiter: A character that separates, terminates, or organizes elements of a character string, statement, or program.

detached process: A process that has no owner. The job controller creates a detached process when a user logs in to the system. It also creates a detached process each time it initiates a batch job or services a request for a logical link connection. Because the job controller does not own the processes it creates, these processes are referred to as detached. The DCL command RUN/UIC and the Create Process system service (specifying a UIC) allow a suitably privileged process to request creation of a detached process.

device: The general name for any peripheral connected to the processor that is capable of receiving, storing, or transmitting data. Card readers, line printers, and terminals are examples of record-oriented devices. Magnetic tape devices and disk devices are examples of mass storage devices. Terminal line interfaces and interprocessor links are examples of communications devices. Devices are not necessarily hardware.

device name: The field in a file specification that identifies the device unit on which a file is stored. Device names also include the mnemonics that identify an I/O peripheral device in a data transfer request. A device name consists of a mnemonic followed by a controller identification letter (if applicable), a unit number (if applicable), and a colon.

DIGITAL Command Language (DCL): See DCL (DIGITAL Command Language).

directory: A file that briefly catalogs a set of files stored on disk or tape. The directory includes the name, type, and version number of each file in the set, as well as a unique number that identifies the file's actual location and points to a list of its attributes. See also subdirectory.

disk: High-speed, random-access devices. There are several kinds of disks. Floppy disks are small, flexible disks. Hard disks are either fixed in place or removable. Removable disk types include a single hard disk enclosed in a protective case and a stacked set of disks enclosed in a protective case.

editor: A program used to create or modify text in a computer file.

equivalence string: The string associated with a logical name in a logical name table. An equivalence string can be, for example, a device name, another logical name, or a logical name concatenated with a portion of a file specification.

error message: A message sent by the system when some action you have requested fails. Each error message identifies the particular part of the operating system that detected the error. Most error messages result from typing mistakes or mistakes in specifying syntax. Often, you can correct the error by retyping the command correctly.

executable image: An image that can be run in a process. When run, an executable image is read from a file for execution in a process.

expression: Any combination of variables, constants, or both, with operators that the computer can evaluate to produce a result.

Extended File Specifications: An optional feature that removes many of the directory and file-naming restrictions previously imposed by OpenVMS. Allows deep directories and extended file names.

field: A set of contiguous bytes in a logical record.

file: A set of data elements arranged in a structure significant to the user. A file is any named and stored program, data, or both, to which the system has access. Access can be of two types: read-only, meaning the file is not to be altered, and read/write, meaning the contents of the file can be altered. See also volume.

file name: The field containing a 1- to 39-character name for a file that precedes the file type in a file specification.

file path: The disk and directory portions of a file specification.

file specification: A unique name for a file on mass storage media. It identifies the node, the device, the directory name, the file name, the file type, and the version number under which a file is stored.

file type: The field in a file specification that consists of a period followed by a 0- to 39-character identification. By convention, this field identifies a generic class of files that have the same use or characteristics, such as compiler and assembler listing files, binary object files, and so on.

folder: A subdivision of a file in which you can store mail messages.

foreign command: A symbol that executes an image whose name is not recognized by the command interpreter as a DCL command.

foreign file specification: A file whose specification does not conform to OpenVMS syntax or format.

full name: Complete specification of a name in the DECdns namespace, including all parent directories in the path from the root directory to the object, directory, or soft link being named; can also include a namespace name, but not necessary when only one namespace exists in a network.

function keys: Keyboard keys that send special signals to the operating system. Function keys are referred to as Fn, where n is the number associated with that key. For example, by pressing F9 in Mail you are telling the system you want to forward a message.

generic device name: A device name that identifies the type of device but not a particular unit; a device name in which the specific controller or unit number is omitted.

global symbol: Either of the following:

1. A symbol defined in a module of a program that is potentially available for reference by another module. The linker resolves (matches references with definitions) global symbols. Contrast with local symbol.
2. A command language symbol accessible at all command levels.

hardware device: The physical computer equipment, including such mechanical devices as the line printer, the terminals, the mass storage devices, and so forth.

hardcopy terminal: Terminals that print output on paper. See also terminal.

help: A text file in a format suitable for use with the HELP command. Online help can provide up to nine levels of search.

hierarchical directory structure: A structure of directories that has several levels arranged in a tree-like structure, based on a one-to-many relationship.

high-performance Sort/Merge utility: Version of the Sort/Merge utility available on OpenVMS Alpha systems.

host: A system connected to a network. See also node.

identifier: An alphanumeric string representing a user or group of users recorded in the rights database and used by the system in checking access requests. There are four types of identifiers: environmental, facility, general, and user identification code (UIC).

image: The procedures and data bound together by the linker to form an executable program. This executable program is executed by the process. There are three types of images: executable, shareable, and system.

indexed sequential file: A record file in which each record has one or more data keys embedded in it. Records in the file are individually accessible by specifying a key associated with the record.

input file: A file containing data to be transferred into the computer.

Often input and output files are confused. DCL usually prompts for these files, but most system utilities require you to identify your input and output files by position in a command line. Be sure of the syntax, or format, for the command you are using.

input stream: The source of commands and date---the user's terminal, the batch stream, or a command procedure.

interactive mode: The mode of communication with the operating system in which you enter a command and the system executes it and responds. One command has to finish executing before you can enter another.

iterative translation: The repetitive translation of a logical name that occurs when a logical name's definition includes another logical name.

job: The accounting unit equivalent to a process and its subprocesses, if any, and all subprocesses that they create. Jobs are classified as batch and interactive. For example, the job controller creates an interactive job to handle a user's requests when the user logs in to the system and it creates a batch job when the symbiont manager passes a command input file to it.

job tree: A hierarchy of all processes and subprocesses, with the main process at the top.

key: One of the following:

1. In indexed files, a character string, a packed decimal number, a 2- or 4-byte unsigned binary number, or a 2- or 4-byte signed integer within each data record in an indexed file. The user defines the length and location within the records. OpenVMS Record Management Services (RMS) uses the key to build an index.
2. In relative files, the relative record number of each data record in a data file. OpenVMS Record Management Services (RMS) uses the relative record numbers to identify and access data records in a relative file in random access mode.
3. In the Sort/Merge utility, the data field in a record that contains the information by which the user wants to sort the records.

keyboard: An input device that can be operated similarly to a typewriter.

keypad: The small set of keys next to the main keyboard on a terminal.

keyword: A word reserved for use in certain specified syntax formats, usually in a command string or a statement.

lexical function: A command language construct that the DIGITAL Command Language (DCL) command interpreter evaluates and substitutes before it parses a command string. Lexical functions return information about the current process (the user identification code (UIC) or default directory, for example) and about character strings (their length or the location of substrings, for example).

line editor: A program that allows you to make additions and deletions to a file line by line.

line printer: An output device that prints files one line at a time. It is used for printing large amounts of output that would otherwise tie up a slower device. Almost every system has a device designated as the line printer. In some cases, the "line printer" is actually a high-speed terminal.

local node: The network node at which the user is physically located.

local symbol: Either of the following:

1. A symbol meaningful only to the module that defines it. Symbols not identified to a language processor as global symbols are considered to be local symbols. A language processor resolves (matches references with definitions) local symbols. They are not known to the linker and cannot be made available to another object module. They can, however, be passed through the linker to the debugger. Contrast with global symbol.
2. A command language symbol name that is accessible only at the current command level and subsequently invoked levels. It is deleted when the command level at which it is defined exits.

logging in: The identification of a user to the system. When users log in, they type a user name and password in response to prompts from the system. If the user name and the password match an account on the system, the user is allowed access to the system.

logging out: The process of entering the DIGITAL Command Language (DCL) command LOGOUT, which informs the operating system that the user has finished using a particular terminal.

logical device name: A character string that equates a somewhat cryptic device name to a short, meaningful name.

logical expression: An expression that has a true or false value.

logical name: A user-specified name that can be used in place of another character string to represent system objects such as files, directories, devices, and queues. Logical name assignments are maintained in logical name tables.

logical name table: A table that contains a set of logical names and their equivalence strings. A logical name can be process private or shareable. The default shareable logical name tables are job, group, system, clusterwide system, and clusterwide parent tables.

login class: User's method of logging in to the system. System managers can control system access based on the login class: local, dialup, remote, batch, or network.

login command procedure: A command procedure that is automatically executed at login and at the beginning of a batch job.

login directory: The default directory established by LOGINOUT when a user logs in.

magnetic tape: A medium on which data can be stored and accessed.

mass storage device: An input/output device on which data and other types of files are stored while they are not being used. Typical mass storage devices include disks, magnetic tapes, and floppy disks.

master file directory (MFD): A file that contains the main directory for a disk.

memory: A series of physical locations into which data or instructions can be placed in the form of binary words. Each location in memory can be addressed and its contents can be altered. Memory should not be confused with mass storage devices.

Multipurpose Internet Mail Extension (MIME): The standard used to attach nontext files to mail messages. Nontext files, such as graphics or sound files, are encoded and sent as plain text, although that text may not be readable. The recipient can decode the text into the file's original format using a MIME interpreter utility.

network: A collection of interconnected, individual computer systems.

node: One of the following:

1. An individual computer system in a network that can communicate with other computer systems in the network.
2. On OpenVMS VAX systems, a VAXBI interface---such as a central processing unit, controller, or memory subsystem---that occupies one of 16 logical locations on a VAXBI bus.
3. On OpenVMS VAX systems, a VAX processor or HSC that is recognized by system communications services (SCS) software.

node specification: The first field in a file specification. This field identifies the location of a computer system in a network.

null value: A string with no characters that is represented in a command procedure by two quotation marks (" ").

numeric expression: A mathematical statement consisting of a collection of operands connected by arithmetic operators.

object: A passive repository of information to which the system controls access. Access to an object implies access to the information it contains.

open account: An account that does not require a password.

operand: The part of an expression that contains a value. Operands are acted on by operators during expression evaluation to produce a result.

operating system: An integrated collection of programs that controls the execution of computer programs and performs system functions.

operator: The part of an expression that tells the computer how to manipulate the operands. For example, the plus sign (+) is an operator that tells the computer to perform addition.

output file: A file that contains the results of a processing operation; for example, a file that has been sorted or edited.

parameter: Either of the following:

1. A value passed to a command procedure equated to a symbol ranging from P1 through P8. See also command parameter.
2. An entry in the volatile or permanent database for a network management component.

parsing: Either of the following:

1. Breaking a command string into its elements to interpret it.
2. Interpreting a file specification, as is done by OpenVMS Record Management Services (RMS).

password: A character string that users provide at login time to validate their identities and as a form of proof of their authorization to access their accounts. There are two kinds of passwords---system passwords and user passwords. User passwords include both primary and secondary passwords.

personal login command procedure: A command procedure that lets you customize your computing environment. The commands contained in it are executed every time you log in.

physical device name: A character string that uniquely identifies a physical device (such as a storage disk or a terminal) to the system.

primary password: A type of user password that is the first user password the system requests from the user. Systems may optionally require a secondary password as well. The primary password must be the password that is associated with the user name.

print form: A set of attributes that defines page set up and stock for printing.

print queue: A list of files waiting to be printed.

priority: A rank assigned to a process to determine its precedence in obtaining system resources when the process is running.

private volume: A mass storage media that has been allocated by a process for its own exclusive use.

process: The basic entity scheduled by the system software. A process provides the context in which an image executes. A process consists of an address space and both hardware and software context.

process default directory: The system automatically makes your top-level directory your process default directory when you log in.

program: A series of instructions aimed at a particular result. Programming languages are a means of describing procedures so that they can be performed by a computer. See also image.

program stub: A temporary section of code that is used during the testing phase of writing command procedures. A program stub usually outputs a message stating the procedure it is replacing.

prompt: A character string appearing on a terminal screen indicating that the user must provide input.

protected object: An object containing shareable information to which the system controls access. See also object.

protection code: A series of letters that specify what access different categories of system users can have to a file or to another protected object and what they can do to it when they access it.

proxy login: A type of login that permits a user from a remote node to effectively log in to a local node as if the user owned an account on the local node. However, the user does not specify a password in the access control string. The remote user may own the account or share the account with other users.

	privacy and legal statement
6489PRO_050.HTML