Intercommunication link security
Each link between systems is given an authority defined by a userid.
It is important to note that users cannot access any transactions or resources over a link that is itself unauthorized to access them. This means that each user's authorization is a subset of the link's authority as a whole.
To limit the remote system's access to your transactions and resources, you use link
security. Link security is concerned with the single user profile that you assign to the remote
system as a whole. Like user security in a single-system environment, link security governs:
- Transaction security
- This controls the link's authority to attach specific transactions.
- Resource security
- This controls the link's authority to access specific resources. This applies for transactions, executing on any of the sessions from the remote system, that have RESSEC(YES) specified in their transaction definition.
- Command security
- This controls the link's authority for the commands that the attached transaction issues. This applies for transactions, executing on any of the sessions from the remote system, that have CMDSEC(YES) specified in their transaction definition.
- Surrogate user security
- This controls the link's authority to START transactions with a new userid, and to install resources with an associated userid.
For more information, see Transaction, resource, command, and surrogate user security for intercommunication.