Specifying security options

Use initialization EXEC parameters to implement general security decisions during system definition. Use the TERMINAL and TRANSACT macros to make resource-specific security decisions.

The security options that you specify must be a part of the overall security design. For a discussion about how to implement security for IMS, including what you need to do to use RACF® and security exit routines, see IMS security.

You make security choices at various stages of the IMS life cycle. During system definition, use initialization EXEC parameters to implement general security decisions. You can also use the IMSGEN and COMM macros to define security options; however, the values on the initialization EXEC parameters take precedence.

The TERMINAL and TRANSACT macros allow you to make resource-specific security decisions. You can also specify certain general security decisions using keyword parameters such as ISIS, RCF, SGN, TRN, and others in the startup procedures. You can make other security decisions using the DFSDCxxx members of the IMS PROCLIB data set.

The RCF or ISIS initialization EXEC parameters allow you to specify the security facilities (RACF or exit routines) that you want to use for security checking for dependent regions, transactions, commands, and signon.

To enable or disable support for mixed-case passwords, specify the optional PSWDC=M, R, or U parameter on the DBC, DCC, and IMS procedures. M specifies that IMS supports mixed-case passwords. R, which is the default, specifies that IMS uses whatever is defined for mixed-case passwords in RACF. U specifies that IMS forces all passwords to upper case. See Parameter descriptions for IMS procedures for a description of the PSWDC parameter.