This group of articles discuss various aspects of setting up security for APPC sessions.
There are several aspects of security for an i5/OS™ system, communicating with each other using APPC and APPN:
- Physical security surrounding the systems, communication lines, and display stations that can be configured.
- Location security that verifies the identity of other systems in the network.
- User security that verifies the identity and rights of users to issue commands on their local system and remote systems when you specify *NONE for the location password (LOCPWD) parameter during APPC configuration.
- Resource security that controls user access to particular resources, such as confidential databases remote system when a session is being established.
- Session-level security which is achieved by specifying a password on the LOCPWD parameter during configuration. The i5/OS system uses the password to validate the identity of the remote system when a session is being established.
When the system is using level 10 security, APPC connects to the network as a nonsecure system. The i5/OS system does not validate the identity of a remote system when a session is being established and does not require transaction security on incoming program start requests.
If the i5/OS system is the remote system and is using level 20 or above, APPC connects to the network as a secure system.