For the latest information on upgrading to and from any versions of CICS TS, see CICS TS V5.6.

Changes to command and resource security

New resource types, their resource identifiers, and associated commands are subject to command security checking and resource security checking.

No new resource types were added in CICS® Transaction Server for z/OS®, Version 5 Release 2.

The following changes were made in earlier releases:

Command security

Command security applies if CMDSEC(YES) is specified for the CICS region.

The following new CICS resource identifiers and associated commands are subject to command security checking:

Table 1. New CICS resource identifiers subject to command security checking
Resource identifier	Related CICS commands
EPADAPTERSET	INQUIRE EPADAPTERSET SET EPADAPTERSET
EPADAPTINSET	INQUIRE EPADAPTINSET

The new resource identifiers can be specified as RESID values when you specify the resource type SPCOMMAND on the QUERY SECURITY command.

The existing resource identifier SECURITY for defining resource profiles to RACF® now includes the new EXEC CICS and CEMT PERFORM SSL REBUILD commands. They are subject to command security checking with RESOURCE_TYPE(SECURITY) and ACCESS (UPDATE).

Resource security

Resource security applies if RESSEC(YES) is specified for the CICS region.

The following new resource types are subject to CICS resource level security checking:

Table 2. New CICS resource types subject to resource security checking
Resource type	RACF-provided resource classes	Profile name
EPADAPTERSET	RCICSRES, WCICSRES	EPADAPTERSET.`name`

The new resource identifiers can be specified as RESTYPE values on the QUERY SECURITY command.

dfhe5_security_cmdsec.html | Timestamp icon

Last updated: Saturday, 15 June 2019