Security facilities in CICS
As an online transaction-processing system (often supporting many thousands of users), CICS® requires the protection of a security system to ensure that the resources to which it manages access are protected and are secure from unauthorized access. CICS provides a number of facilities that protect your resources against unauthorized access.
To provide the required security for your CICS regions, CICS uses the MVS™ system authorization facility (SAF) to route authorization requests to an external security manager (ESM), such as RACF®, at appropriate points within CICS transaction processing.
For specific security information about Business Transaction Services, see Security in BTS.