Establishing and defining security
IMS provides several options for establishing and defining security for application programs that use the ODBA interface.
The options that you select depend on the type of security environment and authorization method that you plan to use. In general, the process that IMS uses to secure PSBs involves one of the following types of security checking:
- Resource access security (RAS)
A security check is performed by RACF® to determine if the user is authorized to use the PSB. RACF determines authorization by looking at the RACF security class profile defined for the dependent region.
- APSB security
A security check is performed to determine if the user is authorized to use the PSB.
The following table identifies the values that you need to specify to control data access for specific security implementations. The table also indicates the type of security checking that is performed for each set of specifications.
Security implementation | Authorization method | ISIS= specification | ODBASE= specification | Connection security | PSB security |
---|---|---|---|---|---|
Resource access security | RACF | R | N | X | |
Resource Access Security user exit (RASE) | C | N | X | ||
RACF and Resource Access Security user exit (RASE) | A | N | X | ||
None | 0 | N | N | |||
APSB security | RACF | Not applicable | Y | X |
To control data access for application programs that use the ODBA interface, follow the techniques discussed in the following topics to establish connection security and PSB security checking.