Home
Customizing File Manager IMS™ Component
Preparing to customize FM/IMS
Security
This section outlines how you can protect IMS™ resources that can be accessed through FM/IMS functions.
Resource access security and AGN security considerations
Resource access security (RAS) prevents an application program that is running in a dependent region from using IMS™ resources unless it is authorized to do so.

Customizing File Manager IMS™ Component
- Preparing to customize FM/IMS
  - Checklist for installing and customizing FM/IMS
  - Supported databases
  - Region types
  - PSB types
  - IMS™ region controller parameters
  - Security
    This section outlines how you can protect IMS™ resources that can be accessed through FM/IMS functions.
    - Controlling access to databases by FM/IMS functions
      Security administrators can control the access that users have to databases when using FM/IMS functions.
    - Controlling access to IMS™ subsystems and FM/IMS functions
    - Resource access security and AGN security considerations
      Resource access security (RAS) prevents an application program that is running in a dependent region from using IMS™ resources unless it is authorized to do so.
    - RACF® PADS security considerations
      Program Access to Data Sets (PADS) allows users or groups of users to access data sets with higher authority than they would normally have, but only while running a specified program.
  - IMS™ subsystem access
  - Avoiding resource contention
  - IMS™ management of ACBs
    This topic describes how FM/IMS operates when IMS™ is configured to manage the runtime application control blocks (ACBs).
  - Templates
    FM/IMS uses templates to format database segments into their individual fields. One template is required for each database.
  - Alternatives for making FM/IMS available
  - Alternatives for controlling FM/IMS auditing
- Customizing the operating environment for FM/IMS
- Customizing FM/IMS
- Customizing the FM/IMS security environment
- Customizing the File Manager audit facility for IMS™ component
- Customizing FM/IMS for national languages
  You can customize FM/IMS for national languages other than English.
- Verifying the customization of FM/IMS

Resource access security and AGN security considerations

Resource access security (RAS) prevents an application program that is running in a dependent region from using IMS™ resources unless it is authorized to do so.

This means that an FM/IMS function running in BMP mode is prevented from using a PSB unless the user is authorized to use that PSB. This in turn means that users cannot use a dynamic PSB unless they are authorized to use all of the dynamic PSBs that FM/IMS can use. See Declaring the dynamic PSBs.

You might have to customize the IIMS and JIMS class profiles to provide FM/IMS users with the access they require. No special customization is required for FM/IMS to be able to access subsystems that use RAS.

Before IMS™ Version 9, Application Group Names (AGNs) were used to secure dependent regions. In IMS Version 9 RAS superseded AGN security. Support for AGNs was removed from IMS in Version 10.

FM/IMS still allows the user to specify an AGN on the entry panel or in batch JCL. However, if the IMS™ subsystem you are accessing is Version 10 or later, IMS ignores the specified AGN value.

If you do use FM/IMS to access IMS™ subsystems that use AGNs to secure BMP regions, you must specify that the subsystem uses AGN security when customizing the FM/IMS installation options module. You also have the option of specifying the AGNs that you want FM/IMS to use. For information on both of these tasks, see Specifying AGNS.