ACF2/CICS Interface advantages over native CICS security

book

Article ID: 221990

calendar_today

Updated On:

Products

CA ACF2

Issue/Introduction

What are the advantages of using ACF2/CICS interface over native CICS security?

Environment

Release : 16.0

Component :

Resolution

Multiple CICS regions can be secured by ACF2 CICS interface, with each individual region can be configured with specific security at more granular level. Every region security is independent of another.  Some other advantages that ACF2/CICS interface provides include:

  • Session cache mechanism to minimize overhead associated with resource validation.
  • An extensive master terminal transaction, ACFM, that performs many functions
  • Extensive API, easily usable by high-level languages. The sample signon programs ACFAEUSP and ACFAEUSC provide useful examples of using this interface
  • Easy-to-use MRO protection; the standard CICS base MRO security control are more difficult to administer, are in the hands of the system programmer while ACF2 CICS control lies mainly in the domain of the security administrator.
  • Record level protection.
  • Transient Data Job Inheritance for batch jobs submitted by CICS applications to CICS transient data queues routed to JESx internal readers.
  • Support for ACF2 High Level Programming Inter- face (HLI) for CICS application programs.
  • Easy protection of the user-defined resources.
  • Extensive user-exits capability allowing for the customization.
  • Support for Extended User Authentication (EUA) dialogs at signon time, allowing for greater levels of signon security.
  • Support for the VERIFY keyword in the resource rules for protected CICS and user resources.
  • Easily customizable options, and also easy modification of such options.
  • Easy-to-use MRO security inheritance controls based on system IDS and function type( i.e. transaction routing, function shipping etc.).
  • Automatic statistic to assist in tuning.
  • IDLE time reverification based on controls within the logonid
  • The TIMEOUT feature
  • MRO Inheritance: LID need not be defined in remote region with FORMAT=ACF2
  • Separate NON-terminal default logonid 

Additional Information

Refer to ACF2/CICS interface documentation for more information.