External security provides the ability to control and administer user access to CA Datacom products and company data based on the security profiles that exist in CA ACF2 or CA Top Secret. With internal security, product access and data access are controlled with the security systems built into each product. The difference between external and internal security is where the user access authorizations are maintained.
CA Dataquery security protects product functions unique to CA Dataquery. These functions include CA Dataquery online and batch activity. Internal security uses a secondary product signon for each accessor and permits you to define table authorizations in CA Dataquery security. External security uses the external security user identification and validates table access according to the authorizations defined in CA Datacom/DB security. If external security is used, CA Dataquery provides only column level security.
To use external security with CA Dataquery, it is necessary for each CA Dataquery user to sign on to the externally secured monitor (CICS) under which CA Dataquery operates. The monitor must be externally secured so that the monitor signon affects a signon to the external security package. If external security is specified for CA Dataquery without the monitor being externally secured, the user name retrieved by CA Dataquery from the security package may not be correct. In batch, the SIGN/ON card is ignored if external security is present.
If CA Dataquery is not externally secured, it is not necessary to execute the monitor signon to use CA Dataquery. In this case, when a user issues the DQRY transaction, CA Dataquery presents its signon panel (DQZ10) and CA Dataquery internal security is in effect.
Note: If your site is moving from CA Dataquery internal security to external security, make sure that you provide security information, such as IDs and table authorizations, that matches your current system.
The Security Administrator controls whether the CA Datacom products are secured with external security. If external security is selected, internal security authorizations are ignored. No modifications are required to any CA Datacom product to implement external security.
When external security is used, you may omit reading Authorizing Users in CA Dataquery and Securing Data Access for DQL Use. Read Limiting Access to Columns for information relating to DQL Mode column security (profile-codes, conditions and restrictions). SQL Mode is always secured by CA Datacom/DB and by external security when it is in effect. If the SQL option is used at your site, you should also read Securing Data Access for SQL Use.
Note: PDB and the STORE command use SQL.
|
Copyright © 2014 CA.
All rights reserved.
|
|