Security

Three types of security are available with the IMS/DB Interface:

FOCUS provides the option of adding security restrictions and passwords to Master Files. The FOCUS DBA (database administrator) can encrypt Master Files to conceal this security information. See the FOCUS for IBM Mainframe Users Manual for information on FOCUS DBA security and the ENCRYPT command.

The DBCTL environment, when accessed through MSO, provides access to standard security systems through the standard SAF interface. With the SAF interface, your site can use security products such as RACF, CA-TOP SECRET, and CA-ACF2 to restrict access to PSBs. Before allowing access to a particular PSB, the security system verifies that the user is authorized to read the PSB.

The XMI Server includes a security exit that allows a site to secure the environment at the user level. The system administrator can define which PCB(s) within the PSB can be accessed by a given user.

Topics:

DBCTL Security

XMI Server Security

Note:

Interface users accessing IMS without DBCTL, or in a TSO environment, cannot benefit from the PSB security mechanism implemented in DBCTL because it requires the environment to run authorized, an unacceptable solution to many sites.

A site can secure PSBs by enabling the IMS/ESA Application Group Name (AGN) feature. Steps for implementing this feature are documented in the Information Builders technical memorandum TM7910, IMS Security via Application Group Name.

This chapter discusses DBCTL security and XMI server security.

Information Builders