An Introduction to IMS: Your Complete Guide to IBMs Information Management System
When you initiate security safeguards, you must balance the requirements of those users who are responsible for the security of resources and those users who legitimately need access to those resources. Because an individual assigned to resource security is held responsible for resources that might be compromised, that person should not allow easy access to dominate protection measures. On the other hand, users performing their assigned tasks need convenient access to the resources. The users and the security specialist should work out a balanced approach between the ease of resource access and the complexity of protecting that resource. IMS provides ample flexibility in allowing the installation to secure any type of resource. In an IMS system, you should consider various facets of the security implementation:
IMS provides a system definition macro (the SECURITY macro) that allows the installation to code all of the security specifications on one macro. The SECURITY macro specifies security options for IMS internally provided SMU security, RACF security, an installation-provided security exit routine, or any combination of these facilities. Before you decide what security facilities to use in designing a secure IMS system, you should know which resources within the system need protection. In other words, you should decide what to protect before you decide how to protect it. Two advantages of using a security product for securing access to resources are:
RACF offers a wide range of security choices to the installation. For example, RACF contains security features such as user-identification-based security and verification-based security, which are not available with the SMU. Recommendation: IBM recommends that you implement security using only RACF or an equivalent security product because IMS Version 9 is the last version of IMS to support the SMU.
Related Reading: For more information about IMS security, see:
|