Introduction to resource security

Resource security provides a further level of security to transaction security, by controlling access to the resources used by the CICS transactions. A user who is authorized to invoke a particular CICS transaction might not be authorized to access files, PSBs, or other general resources used within the transaction. Unlike transaction security, which cannot be turned off for individual transactions, you can control resource security checking at the individual transaction level.

Resources defined to CICS to support application programming languages are also subject to security checking if resource or command security checking is specified.

You control who can access the general resources used by CICS transactions, by:

Specifying SEC=YES as a system initialization parameter
Specifying RESSEC=ALWAYS as a system initialization parameter
Specifying RESSEC(YES) in the TRANSACTION resource definition
Specifying the types of resource you want to protect by defining CICS system initialization parameters for the RACF® general resource classes
Defining the CICS resources to RACF in resource class profiles, with appropriate access lists.

For information about the access authorization levels for system programming commands, see Resource and command check cross-reference.