Securing CICS for newbies

By the editors of SearchDataCenter.com
CICS Security
Security is an important concern with CICS. The editors of SearchDataCenter.com have collected some of our best  tips, news and advice on keeping CICS secure. Enjoy!

Securing a CICS screen
Can you secure a CICS screen that is called by the application program? Phil Emrich, our CICS expert, explores this question in this tip.
To read Phil's anwer, click

Requires Free Membership to View


CICS command security
A SearchDataCenter.com user asked:
I'm running z/OS 1.4 and CICS TS 2.2 for CICS. I turned on SEC=YES,XTRAN=YES and XCMD=YES and someone closed the new file or program. Is there any way to monitor who used CEMT and command (SET,Perform) in CICS?
To see the answer, click here.

Q&A: IBM offers a peek at new SOAP for CICS
SearchDataCenter.com spoke with Mark Cocker, a senior software engineer in IBM's CICS strategy team, about his company's new simple object access protocol (SOAP) for CICS technology preview. Cocker explained how the new SupportPac works, and offered an exclusive glimpse into IBM's plans to build SOAP support into the core of its CICS offering.
To read the interview, click here.

How to authenticate users accessing CICS legacy transactions
A SearchDataCenter.com user asked:
We are looking into Kerberos as a way of authenticating users accessing CICS 3270 legacy transactions. These users will be coming into CICS through WebMethods from a browser via TN3270E. We do not want to use RACF user IDs and passwords since they will be exposed along the way. We cannot tell from what we have read if this will be transparent to CICS -- handled by RACF -- and CICS will get whatever it needs to satisfy the sign-on. Is this something that you can answer or at least point me to an explicit document that addresses Kerberos and CICS?
To read the answer, click here.

Calling RACROUTE from a CICS program
A SearchDataCenter.com user asked:
Do you have any examples of calling RACROUTE from a CICS program? I have to authenticate (RACF) a UserId and Password using a CICS program. I don't think "QUERY SECURITY" could be you used to do this.
To see the answer, click here.

Big Blue announces new CICS TS
IBM rolled out its CICS Transaction Server for z/OS V3.1, building in support for Web services and better security support.
To read the article, click here.

How to authenticate users using RACF for applications running in CICS Web Support
A SearchDataCenter.com user asked:
How to authenticate users using RACF for applications running in CICS Web Support (CWS) using existing software? The IBM sample programs either:
1) Invoke HTTP Basic Authentication, which allows Internet Explorer users to save their passwords - permitting unauthorized users to sign-on using cached passwords or
2) Result in non-persistent verifications requiring user to present credentials at every page change. We need persistent verified user-id and no stored passwords.
To read the answer, click here.

Need help turning on security for CICS Transaction Server
A SearchDataCenter.com user asked:
I am new to the mainframe and CICS. Right now, we are trying to turn on the security of CICS Transaction Server. When we enter CICS, even without sign-on, we can do everything we want. But if we type 'CESN', the System gives a message like 'DFHCE3547 Security is not active. Sign-on cannot be performed.' Do you know why that happened? Where can I find the information I need to turn on the security?
To read the answer, click here.

This was first published in August 2006

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.