Overview of IMS Connect security
IMS Connect provides different security options depending on whether a client is accessing IMS DB or IMS TM.
IMS DB clients can implement security by using the IMS Connect DB Security user exit routine (HWSAUTH0), a security product such as RACF®, or both. For IMS DB clients, IMS Connect also provides support for RACF PassTickets. For Secure Sockets Layer (SSL) support, IMS DB clients can use IBM® z/OS® Communications Server Application Transparent Transport Layer Security feature (AT-TLS). IMS Connect does not provide SSL support for IMS DB clients.
IMS TM clients can implement security using any combination of the IMS Connect user message exit routines, a user security exit routine, and a security product such as RACF. For IMS TM clients, IMS Connect provides direct support for SSL and support for RACF PassTickets.
For IMS-to-IMS TCP/IP connections, IMS Connect provides optional connection security by using RACF PassTickets.
- On the client side:
- The client application
- The server of the client application
- IMS Connect
- A security product, such as RACF
- For IMS TM connections:
- The IMS Connect user message exit routines
- OTMA, including the OTMA Resume Tpipe Security user exit (OTMARTUX)
- For IMS DB connections, the IMS Connect DB Security user exit routine
- IMS
- An IMS exit routine
- An IMS application program
- HWSCFGxx configuration member
- The RACF FACILITY class