Application group names (AGNs) and AGN security are available in IMS releases up to and including IMS r9.1. AGN security is not available in releases of IMS after r.1. For IMS r.1 and above, dependent region security can be implemented using Resource Access Security (RAS).
An AGN identifies a group of transactions, terminals, and PSBs that an IMS dependent region, such as a BMP or a message-processing region, is permitted to access. AGNs are defined for an IMS system using the Security Maintenance Utility (SMU).
During IMS control region initialization, AGN information is read from the SMU security matrix to determine the AGN names and the resources that are associated with the AGNs.
An IMS dependent region requests the use of an AGN by specifying the AGN name in the startup JCL for the dependent region. During dependent region initialization, the dependent region communicates to the control region the intent to use the AGN. The control region checks to see if the dependent region is permitted access to the requested AGN. If an AGN is not specified in the dependent region JCL or if the ACID is not permitted access to the AGN, IMS terminates the dependent region. If the dependent region is permitted to use the AGN, IMS then limits the dependent region's use of IMS resources to those defined in the AGN that was requested.
|
Copyright © 2013 CA Technologies.
All rights reserved.
|
|