Security considerations for a DBCTL environment

This topic contains information about establishing security for an IMS DBCTL environment.

DBCTL resources that can be protected
Before you decide what security facilities to use in designing a secure IMS system, you should know which resources within the system need protection. In other words, you should decide what to protect before you decide how to protect it.
DBCTL security choices made during system definition
You make IMS security choices with initialization EXEC parameters or in the IMSGEN macro. You can use the Resource Access Control Facility (RACF®) to implement security decisions.
Security facilities and security types for DBCTL resources
The security facility that you use to protect a particular DBCTL resource depends on the type of security that you want and the available security facilities for that type of security. Security facilities for DBCTL resources include z/OS®, RACF, and PSBGEN.
Design considerations for DBCTL security
This topic explains how the various choices of IMS security can be used. When you are deciding on each part of your security design, consider the physical actions that an end user must take to obtain access to the system. You will probably use more than one type of security checking.
Activating IMS DBCTL security
This topic gives guidance on the steps you take to activate your IMS security design using RACF and program exit routines.
Controlling system startup for DBCTL security
The values generated for the DBC procedure all specify no security. You must reset them to enable security.
Implementing DBCTL security changes online
If you use online change for system definition, you must update the security definitions for RACF.
Controlling DBCTL security violations
Security violations are handled according to the installation's security administration guidelines.

Parent topic: IMS security

Related concepts

Considerations for setting security for the IMSRSC repository in the CSL RM address space