Security

This topic describes how iSeries™ security relates to DDM, and how it can limit access to the data resources of a target server by source server programs and users.

The access to target iSeries data can be limited by using standard authority to files, standard authority to commands, and an optional user exit program in the DDM environment at the target server.

Security authentication is first performed when a remote user accesses the target iSeries. If the target iSeries is not able to authenticate the remote user, the conversation is rejected. Security authorization is performed when a remote user accesses an iSeries file. The remote user must be authorized to perform the operation (open, close, read, or write, for example), or the DDM request is rejected. Application programs on the iSeries server can be isolated from each other by object authorities. .

• Elements of distributed relational database security
  A distributed relational database administrator needs to protect the resources of the application servers in the network without unnecessarily restricting access to data by application requesters (ARs) in the network.
• DDM server access control exit program for additional security
  Customers who use menu-level security, which is accomplished by restricting the user's access to functions on the server, are likely to have a large number of public files. Public files are those files to which the public has some or all authority. A user exit program allows you to restrict each DDM user's access to public files and to private files.