Type-2 AO command security

You can use either RACF® or another external security product, the Command Authorization exit routine (DFSCCMD0), or both of the security facilities to secure AO commands issued by type-2 AO application programs through the ICMD call.

Make your specifications for security facilities by using the AOIS= parameter in the IMS and DCC startup procedures.

Use the AOIS= execution parameter in the startup procedure to specify which security facilities to use for security checking of type-2 AO commands.

The AOIS= execution parameter allows you to specify one of the following options:

• RACF performs security checking.
• DFSCCMD0 performs security checking.
• RACF and DFSCCMD0 both perform security checking.
• Disable all ICMD calls from applications.
• Disable all security checking for ICMD calls.

You can change the AOIS= value each time you initialize IMS, because the AOIS= specification is not included in checkpoint records.

Related reading: For complete information on specifying the AOIS= keyword, see IMS Version 15 System Definition.