Manuals / IBM / Computer Equipment / Server

IBM OS/390 manual Cics Transaction Security, Cics Upsi

Models: OS/390

1 673
Download 673 pages 53.75 Kb
Page 173
Image 173

You must rewrite all user-replaceable modules except for DFHACEE, DFHUAKP, DFHXSP and DFHXSE user-replaceable modules, which are obsolete. Also, the DFHNTRY is replaced by a new user-replaceable module DFHREST.

Note: VSE/ESA System Package (SP) supplied a number of user exits and user replaceable modules, that are part of the packaging of VSE/ESA. As such these programs may be similar to other CICS supplied sample program, but are unique in what they offer VSE/ESA users. If you were using any of the programs below, you may want to convert the code and/or find similar solutions through IBM packages and/or vendor programs.

IESZATDX - auto install program IESZNEP - VTAM network error program DFHXSE and IESEXIT1 - signon program

DFHPEP - program error program (invokes OLPD transaction for ABEND) SKEXITDA - captures VSE/ESA system activity data from the II and stores the resulting data in CICS/VSE temporary storage queues.

Note: The above programs are located in VSE/ESA ICCF library 59.

6.1.10 CICS Transaction Security

CICS/ESA security is provided through external security (that is, RACF). Hence CICS/VSE internal security needs to be converted to an external security facility.

In the MVS environment, RACF provides an external security manager. RACF controls access to data sets from CICS, TSO, and batch.

The recommendation is to migrate to RACF and CICS/ESA external security.

If you are using RACF as the external manager, consider:

All CICS started task names must be defined as user IDs having the authority to execute all transactions UACC(READ).

All transactions must be defined to RACF (even previously unsecured transactions).

If using transient data initiated transactions or transactions started on a terminal, you may need to add an XPCT profile, or allow the default user UACC(READ).

New CICS command RACF resources: EXITPROGRAM, REQID, and STORAGE, update authority is required to enable, disable, extract, or resync EXITPROGRAM, and may be administered from the PLT process.

If you are using CICS for VSE/ESA 2.3, you can use the security migration aid to assist you with your migration of your CICS internal security definitions to an environment where the resources can be defined with RACF. You will need the CICS/VSE Security Migration Aid (supported via APAR PN87442) and the CICS/VSE Security Migration Aid, SC33-1406 manual.

6.1.11 CICS UPSI

There is no UPSI in MVS. Execution overrides are in the PARM field of the JCL statement - EXEC PGM=DFHSIP. The following list identifies the CICS/MVS equivalents:

Chapter 6. CICS 149

Page 172 Page 174
Page 173
Image 173
IBM OS/390 manual Cics Transaction Security, Cics Upsi
Page 172 Page 174

OS/390 specifications

IBM OS/390, a versatile operating system, was a cornerstone in enterprise environments and played a pivotal role in mainframe computing. Released in the mid-1990s, OS/390 combined the strengths of IBM's MVS (Multiple Virtual Storage) with new features and enhancements, targeting scalability, reliability, and performance in demanding business applications.

One of the key features of OS/390 was its robust support for multiple users and processes. The system allowed thousands of concurrent users to access applications and data, ensuring high availability and minimizing downtime—a critical requirement for many large organizations. This scalability was supported through various enhancements in memory management and processor scheduling, enabling optimal resource allocation across diverse workloads.

OS/390 was known for its superior workload management capabilities. The Workload Manager (WLM) component allowed administrators to define service policies, specifying how system resources would be allocated according to the priority of tasks. This ensured that critical business processes received the necessary resources while less critical tasks were managed more flexibly.

Another significant characteristic of OS/390 was its commitment to security. The operating system provided comprehensive security features, including user authentication, data encryption, and auditing capabilities. This focus on security was vital for organizations handling sensitive data, ensuring compliance with regulations and safeguarding against unauthorized access.

OS/390 also supported advanced technologies that facilitated integration and development. The system included features like the IBM CICS (Customer Information Control System) for transaction processing and IMS (Information Management System) for database management. These technologies allowed organizations to build robust, high-performance applications tailored to specific business needs.

The ease of network integration was another strength of OS/390. With the advent of the Internet and global connectivity, OS/390 systems could easily interface with various network protocols, enabling businesses to operate in a connected world. This inclusion paved the way for many organizations to expand their capabilities and offer new services, driving digital transformation.

In conclusion, IBM OS/390 represented a significant advancement in mainframe technology, combining scalability, security, and robust workload management. Its rich feature set and support for critical enterprise applications solidified its role as a vital component of many organizations' IT infrastructures, ensuring they could meet their operational challenges head-on while supporting future growth. As technology continues to evolve, the legacy of OS/390 remains influential in the realm of computing.