Securing Application Dictionary Resources › Compiler Security Within the Dictionary

Compiler Security Within the Dictionary

What is Compiler Security?

The compiler security described in this section is part of the IDD architecture and is not part of CA IDMS centralized security. Security checks access the definition of the user in the dictionary, not the user catalog.

When do Compilers Check Security?

The compilers perform security checking operations when any of the following is true of a DDL statement:

• The verb is SIGNON, VALIDATE, or GENERATE.
• The SET OPTIONS statement contains REGISTRATION OVERRIDE.
• The component type is SCHEMA.
• The component type is SUBSCHEMA.
• The statement is the first statement of the session.

Checks User's Dictionary Description

In any of the preceding cases, the compiler determines whether the requested operation is secured within the dictionary.

If the operation is not secured, the compiler bypasses the security check and begins processing the statement.

If the operation is secured, the compiler checks the user's description in the dictionary to determine whether the user is authorized to perform an operation.

If the user is authorized, the compiler processes the input statement; if not, the compiler issues an error message. All levels of security checking follow this procedure.

Types of Security

The compilers check four kinds of security:

• Compiler security
• Registration override security
• Verb security
• Component security

What Follows

Each kind of security is presented separately as follows; each topic includes the following information:

• When security is checked
• How security is turned on or off
• How the compiler determines who the issuing user is
• What constitutes an authorized user