Securing System Resources › Implementing Application Security › Implementing Multi-level Application Security
Implementing Multi-level Application Security
Multi-level Security
You can secure applications at several levels.
For example, an online application with embedded SQL can be secured by the following:
- Task—The ability to invoke the application
- Load module—The ability to execute an application program
- Access module—The ability to execute embedded SQL that accesses a database
DCMT Example
When you analyze your site's DCMT security requirements, keep in mind that you can implement security for DCMT commands at these levels:
- At the task level, you secure the DCMT task by assigning the task a Category using security administration statements.
- At the program level, you secure programs invoked for the DCMT task by assigning the programs a Category using security administration statements. Programs invoked for DCMT requests all have names that begin with RHDCMT (for example, RHDCMTPT or RHDCMTTI).
- At the DCMT command level, you secure DCMT commands by means of the #CTABGEN macro. This macro is assembled into the program IDMSCTAB and allows you to apply discrete security to specific DCMT commands (such as, DCMT VARY PROGRAM) and also to individual command options (such as, DCMT VARY PROGRAM STORAGE PROTECT). The macro is used in conjunction with activity security in the security system to control access to specific DCMT functions.
Copyright © 2014 CA.
All rights reserved.
|
|