Three groups of settings for Transaction Server access rights are given here. Each group corresponds to a level of system security: minimal security, medium security, and high security.
In general, if it is possible to assign an access right to both a usercode and a station, it is advisable to assign the right only to the usercode. Doing so alleviates the problem of maintaining the physical security of a station against use by those not intended to have access rights to the station.
Minimal System Security
The settings in Transaction Server Access Rights for Systems with Minimal Security are appropriate only when system security is unimportant, and the ability of every user to have access to all system functions is a high priority.
Table 24. Transaction Server Access Rights for Systems with Minimal Security
|
Access Rights |
All Users |
All Stations |
|---|---|---|
|
Control-Capable |
Yes |
N/A |
|
Privileged User |
N/A |
Yes |
|
System User |
N/A |
Yes |
|
Control Station |
N/A |
Yes |
Medium System Security
The settings shown in Transaction Server Access Rights for Systems with Medium Security are appropriate when system security is a concern, but a range of users must have access to most system functions.
Table 25. Transaction Server Access Rights for Systems with Medium Security
|
Access Right |
End User, Application Programmer |
System Programmer |
System Administrator, Security Administrator |
Stations |
|---|---|---|---|---|
|
Control- Capable |
No |
As needed for trusted individuals |
Yes |
N/A |
|
Privileged User |
N/A |
N/A |
N/A |
Yes |
|
Super User |
N/A |
N/A |
N/A |
As needed where physically secure |
|
System User |
N/A |
N/A |
N/A |
Yes |
|
Control Station |
N/A |
N/A |
N/A |
As needed where physically secure |
The settings shown in Transaction Server Access Rights for Systems with High Security are appropriate when system security is important, and this need for security justifies restricting user access to some system functions.
Table 26. Transaction Server Access Rights for Systems with High Security
|
Access Right |
End User, Application Programmer, System Programmer |
Transaction Server Administrator |
Station |
|---|---|---|---|
|
Control- Capable |
No |
Yes |
N/A |
|
Privileged User |
N/A |
N/A |
Yes |
|
Super User |
N/A |
N/A |
No |
|
System User |
N/A |
N/A |
Yes |
|
Control Station |
N/A |
N/A |
No |
|
Security Station |
N/A |
N/A |
For terminal used by security administrator, system administrator |
