Screen Time Out

STO controls the operation of all terminals connected to an IBM AS/400

You set up STO to allocate to each terminal a time limit for it to remain inactive. When this time is exceeded a terminal time-out occurs and STO operates according to the instructions you set up in a system control file. This action could be:

Do nothing
Log the time-out only
Lock the terminal
Sign off the terminal
Vary off the terminal
Disconnect the terminal
Perform a user-defined action

Main Features of STO

On-Line Job running at the Terminal

This most important feature is the ability to detect whether an on-line job is or is not running on the terminal.

For example, if a time-out occurs and the user is running a complex on-line job that does file updates and adds, you probably do not want the terminal to be signed off but rather to be locked. Note that STO locks a terminal by putting it into a hold status. The terminal cannot be used again until manually released by the system operator.

However if no on-line job is running (e.g. the terminal is displaying a menu) you can safely sign off the terminal when a time-out occurs.

STO can also disconnect a job running on an AS/400 terminal (with the exception of some terminals running as virtual devices) or take a user-defined action, such as prompting the user to re-enter his password. This would prevent unauthorised access to an already signed-on terminal. (STO library contains program and screen example source code for this option.)

System Overrides

With STO you first define a general policy (the default time out action) for your computer installation indicating:

The polling interval for STO
The time-out value
What STO should do when a time-out occurs and there is no on-line job running
What STO should do when a time-out occurs and there is an on-line job running
Whether the input-inhibited light ON means that the terminal is active (this is the default)

You then enter sets of Overrides to these defaults based on:

The workstation ID
The user ID
The program running
The library in use
The active command

You can have an unlimited number of Overrides.

When a time-out occurs at a terminal, STO finds out if an override exists for that workstation ID or user ID or program running etc. If an override is found, the policy stipulated in the override is followed. If no override is found, the default policy is used.

In this way you can set up different time-outs for security-sensitive applications (e.g. payroll) and for general applications. Or you may exclude certain terminals (e.g. the system console) or give programmers more time than data-entry operators etc. etc.

Audit Trail

Every time-out is logged to an audit file. Periodically you can print an audit trail report showing a detailed description of the security violations detected by STO.: This most important feature is the ability to detect whether an on-line job is or is not running on the terminal.

For example, if a time-out occurs and the user is running a complex on-line job that does file updates and adds, you probably do not want the terminal to be signed off but rather to be locked. Note that STO locks a terminal by putting it into a hold status. The terminal cannot be used again until manually released by the system operator.

However if no on-line job is running (e.g. the terminal is displaying a menu) you can safely sign off the terminal when a time-out occurs.

STO can also disconnect a job running on an AS/400 terminal (with the exception of some terminals running as virtual devices) or take a user-defined action, such as prompting the user to re-enter his password. This would prevent unauthorised access to an already signed-on terminal. (STO library contains program and screen example source code for this option.)

System Overrides

With STO you first define a general policy (the default time out action) for your computer installation indicating:

The polling interval for STO
The time-out value
What STO should do when a time-out occurs and there is no on-line job running
What STO should do when a time-out occurs and there is an on-line job running
Whether the input-inhibited light ON means that the terminal is active (this is the default)

You then enter sets of Overrides to these defaults based on:

The workstation ID
The user ID
The program running
The library in use
The active command

You can have an unlimited number of Overrides.

When a time-out occurs at a terminal, STO finds out if an override exists for that workstation ID or user ID or program running etc. If an override is found, the policy stipulated in the override is followed. If no override is found, the default policy is used.

In this way you can set up different time-outs for security-sensitive applications (e.g. payroll) and for general applications. Or you may exclude certain terminals (e.g. the system console) or give programmers more time than data-entry operators etc. etc.

Audit Trail

Every time-out is logged to an audit file. Periodically you can print an audit trail report showing a detailed description of the security violations detected by STO.

STO/400 supports all versions of both CISC and RISC OS/400

If you have any questions on Screen Time Out, contact details are given on our home page