When Distributed
Relational Database Architecture™ (DRDA®) is used, the data resources of each
server in the DRDA environment
should be protected.
To protect data resources of each server in the DRDA environment, you can use three groups
of security elements that are controlled by the following parameters:
- For system-related security or session, the LOCPWD parameter is
used on each iSeries™ server
to indicate the system validation password to be exchanged between the source
and target systems when an Advanced Program-to-Program Communication (APPC)
session is first established between them. Both systems must exchange the
same password before the session is started. (On System/36™,
this password is called the location password.) In an APPC network, the LOCPWD
parameter on the Create Device Description (APPC) (CRTDEVAPPC) command
specifies this password. Devices are created automatically using APPN, and
the location password on the remote location list specifies a password that
is used by the two locations to verify identities. Use the Create
Configuration List (CRTCFGL) command to create a remote location
list of type (*APPNRMT).
- For user-related or location security, the SECURELOC parameter is
used on each iSeries server
to indicate whether it (as a target server) accepts incoming access requests
that have their security already verified by the source server or whether
it requires a user ID and encrypted password. In an APPC network, the SECURELOC
parameter on the Create Device Description (APPC) (CRTDEVAPPC) command
specifies whether the local server allows the remote server to verify security.
Devices are created automatically using APPN, and the secure-location on an
APPN remote Configuration List is used to determine if the local server allows
the remote server to verify user security information. The SECURELOC value
can be specified differently for each remote location.
The SECURELOC parameter
is used with the following security elements:
- The user ID sent by the source server, if allowed by this parameter
- The user ID and encrypted password, if allowed by this parameter
- The target server user profiles, including default user profiles
For more information, see the DDM source system security in an APPC
network topic.
- For object-related security, the DDMACC parameter is used on the Change
Network Attributes (CHGNETA) command to indicate whether the files
on the iSeries server can be
accessed at all by another server and, if so, at which level of security the
incoming requests are to be checked. More information about this object-related
parameter is provided in the topic DDM Network Attribute (DDMACC Parameter).
- If *REJECT is specified on the DDMACC parameter, all DRDA requests
received by the target iSeries server
are rejected.
- If *OBJAUT is specified on the DDMACC parameter, normal object-level security
is used on the target server.
- If the name of an optional, user-supplied user exit program (or access
control program) is specified on the DDMACC parameter, an additional level
of security is used. The user exit program can be used to control whether
a given user of a specific source server can use a specific command to access
(in some manner) a specific file on the target server. (See the topic DDM
server access control exit program for additional security for details.)
- When a file is created on the target server using DRDA, the library name specified contains
the file. If no library name is specified on the DRDA request, the current library (*CURLIB)
is used. The file authority defaults to allow only the user who created the
file or the target server's security officer to access the file.
Most of the security controls for limiting remote file access are handled
by the target server. Except for the user ID provided by the source server,
all of these elements are specified and used on the target server. The source
server, however, also limits access to target server files by controlling
access to the DRDA file
on the source server and by sending the user ID, when needed, to the target
server.