Planning for distributed access using RACF security

The Spiffy security plan imposes the following restrictions for distributed access:

• IDs that are managed at the central location hold privileges on views for departments that are at remote locations. For example, the ID MGRD11 has the SELECT privilege on the view DEPTD11.
• If the manager of Department D11 uses a remote system, the ID at that system must be translated to MGRD11. Then a request is sent to the central system. All other IDs are translated to CLERK before they are sent to the central system.
• The communications database (CDB) manages the translated IDs, like MGRD11.
• An ID from a remote system must be authenticated on any request to the central system.

The processes for distributed access at the central server and distributed access at remote locations are the same as the processes for Db2 security.