Implementing Security for APPC z/OS › Implementing APPC Security › Allocating Security Statements

Allocating Security Statements

When an APPC conversation allocation is issued, that request also indicates what type of security information, if any, will be provided by the inbound TP. The required security information can take one of the following forms:

• SECURITY_NONE-No security information is provided. The LU can either accept the request and run the designated TP in a special execution environment or deny it completely.

  Since SECURITY_NONE requests do not provide a userid, APPC must construct a default execution environment for the TP.

• SECURITY_PGM-The request contains a userid, password and, optionally, a security profile name. System entry validation must be performed on the inbound side.
• SECURITY_SAME-The request contains a userid, security profile name, and the already verified (AV) indicator. APPC will accept the user's identity without performing validation.

The most frequently used form is SECURITY_SAME, especially when requests are issued from one trusted z/OS system to another equally trusted z/OS system. If no userid is provided, however, the request is treated the same as if SECURITY_NONE was specified.