Grants additional identifiers to a process while it is running
    the image to which the Subsystem ACE applies. Users with execute
    access to the image can access objects that are in the protected
    subsystem, such as data files and printers, but only when they
    run the subsystem images. The Subsystem ACE applies to executable
    images only.

    An example of a Subsystem ACE is as follows:

    (SUBSYSTEM, IDENTIFIER=ACCOUNTING)

    Format

      (SUBSYSTEM,[OPTIONS=attribute[+attribute...],]IDENTIFIER=identifier

      [,ATTRIBUTES=attribute[+attribute...]] [,IDENTIFIER=identifier

      [,ATTRIBUTES=attribute[+attribute...]],...])