Verifying CICS users
To protect resources from unauthorized access, CICS must be
able to identify users of the system when they invoke transactions.
Transaction security
Transacation security (also known as attach-time security,
and transaction-attach security) ensures that users that attempt
to run a transaction are entitled to do so.
Surrogate user security
A surrogate user is a RACF®-defined user who is authorized to
act on behalf of another user (the original user). CICS uses surrogate user security in a
number of different situations.
CICS command security
CICS command
security controls the use of system programming commands; that is, commands
that require the special CICS translator option, SP.
Security checking using the QUERY SECURITY command
Use the QUERY SECURITY command in an application program to determine
the level of access that the transaction user has to a particular resource.
The QUERY SECURITY command does not grant or deny access to a resource. Instead,
the application program uses the values returned by the command to determine
what action to take.
Security for CICS-supplied transactions
This topic discusses security for CICS-supplied transactions, and contains
a number of recommendations to ensure that your CICS regions are adequately
protected. Where applicable, it describes the recommended security specifications
that you will need for the CICS-supplied transactions defined in the group
list DFHLIST, and stored in the CICS system definition data set (CSD). These
recommendations cover all CICS-supplied transactions—those that are intended
for use from a user terminal or console, and those that are for CICS internal
use only.