APPC Security › Conversation Level Security

Conversation Level Security

Conversation level security is used to verify the identity of the partner transaction program. The relevant security information (for example, user ID and password) is sent in the attach request and is verified by the receiving LU. If the correct security information is not supplied the request is rejected.

A TCT is used to define the level of conversation security required by a given transaction. When an NCL procedure issues an allocation request the TCT entry is used to determine the level of security information that needs to be included in the attach request to be sent to the remote LU.

User ID and Password Considerations

If an APPC link specifies a user ID without a password, the following security considerations apply:

• For a local transaction, the following UAMS attributes determine user authorization:
  • APPC Access Key
  • APPC Access Lock

  Note: For information about the APPC attributes, see the online help for User Authorities in UAMS.

• For a remote transaction, missing the password makes the transaction unsecured. Unsecured remote transactions run under the BSVR environment using the command authority level defined in the TCT for the transaction (DEFTRANS CMDAUTH=nn).