RAS security
Use the ISIS and ODBASE execution parameters to control the authorization for a z/OS® application region to use a PSB.
The following table describes the actions that you need to perform to set up security when specific options are selected.
Specifications | Actions to perform |
---|---|
ISIS=0 | N and ODBASE=N | No action required. No PSB security checking is performed. |
ISIS=R and ODBASE=N | Define the PSBs that you want protected by RACF® to the IIMS or Ixxxxxxx resource class, and then define the user IDs of the dependent region that you want authorized to access the PSBs. The ODBA support for IMS will use the security environment (ACEE) passed in the dependent region's task (TCBSENV), if present, or the dependent region's address space (ASXBSENV), if the ACEE is not present at the task level. |
ISIS=C and ODBASE=N | Create a Resource Access Security user exit (RASE). This routine must determine if the user is authorized to use the PSB. |
ISIS=A and ODBASE=N |
|