You can define security levels to the transactions and resources in your CICS® system that apply to all intercommunication requests that are received from a particular system. This form of security is known as link security.
To use link security, you must have a security manager. CICS has its own security manager, but if your operating system supports an external security manager that TXSeries for Multiplatforms supports, you can use that instead of, or in conjunction with, the CICS internal security manager. An external security manager is a user-supplied program that allows you to define your system's own security mechanism for preventing unauthorized user access to resources from application programs and the unauthorized initiation of CICS transactions.
The sections that follow help you implement CICS internal security, which uses Transaction Security Level (TSL) and Resource Security Level (RSL) keys to restrict access. For information about using external security managers, see Using an External Security Manager.
The security keys that are defined for link security apply to all requests that are received from a particular remote system. This means that the list of security keys must include all the keys that are needed by every user from the remote system. If the needs of the users from a remote system vary, this list of security keys might give more access to some users than is needed. If this is not acceptable, consider using the security that is described in Providing CICS user security, which allows you to set up security keys based not only on the system that sent the request, but also on the user who is associated with that request also.
In either case, you must have TSL and RSL keys assigned to the resources and transactions for which you want link security applied. For further information, see the discussion of the RSLKey and TSLKey settings in Using CRTE and CESN/CESL to sign on from a remote system.