82 lines
5.5 KiB
HTML
82 lines
5.5 KiB
HTML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE html
|
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html lang="en-us" xml:lang="en-us">
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|
<meta name="security" content="public" />
|
|
<meta name="Robots" content="index,follow" />
|
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
|
<meta name="DC.Type" content="concept" />
|
|
<meta name="DC.Title" content="Security" />
|
|
<meta name="abstract" content="This topic describes how iSeries security relates to DDM, and how it can limit access to the data resources of a target server by source server programs and users." />
|
|
<meta name="description" content="This topic describes how iSeries security relates to DDM, and how it can limit access to the data resources of a target server by source server programs and users." />
|
|
<meta name="DC.subject" content="security, introduction, checking, object, authority, object authorities" />
|
|
<meta name="keywords" content="security, introduction, checking, object, authority, object authorities" />
|
|
<meta name="DC.Relation" scheme="URI" content="rbae5kickoff.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rbae5secdb.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rbae5exitpgm.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rbae5secreq.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="../rzahj/rzahjovr.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rbae5perfcon.htm" />
|
|
<meta name="copyright" content="(C) Copyright IBM Corporation 1999, 2006" />
|
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 1999, 2006" />
|
|
<meta name="DC.Format" content="XHTML" />
|
|
<meta name="DC.Identifier" content="rbae5ddm1" />
|
|
<meta name="DC.Language" content="en-us" />
|
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|
<!-- US Government Users Restricted Rights -->
|
|
<!-- Use, duplication or disclosure restricted by -->
|
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
|
<title>Security</title>
|
|
</head>
|
|
<body id="rbae5ddm1"><a name="rbae5ddm1"><!-- --></a>
|
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
|
<h1 class="topictitle1">Security</h1>
|
|
<div><p>This topic describes how <span class="keyword">iSeries™</span> security
|
|
relates to DDM, and how it can limit access to the data resources of a target
|
|
server by source server programs and users.</p>
|
|
<p>The access to target <span class="keyword">iSeries</span> data
|
|
can be limited by using standard authority to files, standard authority to
|
|
commands, and an optional user exit program in the DDM environment at the
|
|
target server.</p>
|
|
<p>Security authentication is first performed when a remote user accesses
|
|
the target <span class="keyword">iSeries</span>. If the
|
|
target <span class="keyword">iSeries</span> is not able
|
|
to authenticate the remote user, the conversation is rejected. Security authorization
|
|
is performed when a remote user accesses an <span class="keyword">iSeries</span> file.
|
|
The remote user must be authorized to perform the operation (open, close,
|
|
read, or write, for example), or the DDM request is rejected. Application
|
|
programs on the <span class="keyword">iSeries server</span> can
|
|
be isolated from each other by object authorities. .</p>
|
|
</div>
|
|
<div>
|
|
<ul class="ullinks">
|
|
<li class="ulchildlink"><strong><a href="rbae5secdb.htm">Elements of distributed relational database security</a></strong><br />
|
|
A distributed relational database administrator needs to protect
|
|
the resources of the application servers in the network without unnecessarily
|
|
restricting access to data by <dfn class="term">application requesters (ARs)</dfn> in
|
|
the network.</li>
|
|
<li class="ulchildlink"><strong><a href="rbae5exitpgm.htm">DDM server access control exit program for additional security</a></strong><br />
|
|
Customers who use menu-level security, which is accomplished by
|
|
restricting the user's access to functions on the server, are likely to have
|
|
a large number of public files. <dfn class="term">Public files</dfn> are those files
|
|
to which the public has some or all authority. A user exit program allows
|
|
you to restrict each DDM user's access to public files and to private files.</li>
|
|
</ul>
|
|
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rbae5kickoff.htm" title="This topic contains i5/OS distributed data management (DDM) concepts, information about preparing for DDM communications, and DDM-related programming information.">Distributed data management</a></div>
|
|
</div>
|
|
<div class="relconcepts"><strong>Related concepts</strong><br />
|
|
<div><a href="../rzahj/rzahjovr.htm">APPC, APPN, and HPR</a></div>
|
|
<div><a href="rbae5perfcon.htm" title="These topics provide information to help you improve performance when using DDM and also provide some information about when to use something other than DDM to accomplish some functions.">Performance considerations for DDM</a></div>
|
|
</div>
|
|
<div class="relref"><strong>Related reference</strong><br />
|
|
<div><a href="rbae5secreq.htm" title="You can prevent intentional and unintentional access to the data resources of a system by the DDM user.">Security requirements for DDM</a></div>
|
|
</div>
|
|
</div>
|
|
</body>
|
|
</html> |