SAF security

As distributed, access to DELTA PLUS is unrestricted. If you want to protect DELTA PLUS functions, you may limit access through System Authorization Facility (SAF). The SAF security interface is an optional security interface which allows you to protect every function within DELTA PLUS. In general, SAF supports five levels of access to protected resources:

NONE
READ
UPDATE
Control
ALTER

When the functions are protected in DELTA IMS, the only access levels with meaning are NONE and READ. If a user has an access level of NONE to a resource, the user is prevented from doing the function. If a user has an access level of READ or higher, the user is allowed to perform that function.

If the user has READ access to DLALIST.BROWSE then the user can browse DELTA List members.

To streamline the SAF process and to reduce the number of resources needed, DELTA PLUS uses three levels of access:

NONE
READ
UPDATE

For those functions which have a browse and edit capability, an access level of READ allows browse while UPDATE allows edit.

Example

If the SAF resource DLP.DELTALST.* is defined and a user has READ access, the user will be allowed to browse DELTA List members, but not be allowed to change them. If a user has UPDATE access, then the user will be able to make changes to DELTA List members.

This section contains the following topics:

Related topic

Converting from DELTA IMS to DELTA PLUS

SAF security

Comments