Back to CNS CICS Home Page
Back to CNS Home Page
Back to UF Home Page
CNS is currently using IBM's RACF program product as the ESM (External Security Manager). Note that RACF is now called "Security Server" in IBM's newest OS/390 operating systems (OS/390 was formerly known as MVS/ESA). Anyway, this document attempts to describe CNS CICS RACF security considerations.
RACF in CICS is presently utilized at CNS primarily for signon, transaction security, and dataset security.
Transaction Security
For transaction security, the CNS CICS systems staff maintains test and production RACF transaction profiles, and the appropriate development group security officers maintain the groups of userids that are permitted access to these protected transaction profiles. The default transaction security at CNS is such that a transaction may be utilized by anyone signed on to CICS. However, non-public or protected applications typically utilize internal application security like the UF Menu System or a personal ID/PIN combination.
Dataset Security
For dataset security, development group security officers maintain dataset profiles for various access from CICS. RACF dataset profiles are required for loadlibs defined to the development/test regions, VSAM and BDAM datasets defined in the CICS FCT (File Control Table), and physical sequential datasets defined to the DCT (Destination Control Table) or JCT (Journal Control Table).
Contact Steve Ware at CNS for additional CICS RACF information and/or questions.
Back to CNS CICS Home Page
Back to CNS Home Page
Back to UF Home Page