Overview
As with databases, there are two aspects to securing the ADDS dictionary:
- Protecting the physical files
- Limiting access to the information stored in the dictionary
Protecting the Physical Files
To protect the ADDS dictionary using physical database security, you must secure the following files:
- ADDS control file
- ADDS data files
- ADDS audit files
As with databases, use guard files to physically secure the ADDS files. However, unlike databases you cannot add guard file specifications directly to the ADDS description file. Instead, use the SYSTEM/ADDS/UTILITIES program to attach guard files to the ADDS files.
The following information identifies the items that need to be included in the guard files for the different types of ADDS files.
Protecting the ADDS Control File
You can secure the ADDS control file by attaching a guard file to the file ADDSDB/CONTROL. This prevents unauthorized access to the control file by both ADDS users and non-ADDS users. It also prevents anyone not listed in the guard file from using ADDS. Unauthorized users are any users who read or write information in the control file by using their own program instead of the ADDS application program.
The contents of the guard file should specify read and write access for the DBA and the following utilities and libraries:
- SYSTEM/DMCONTROL
- SYSTEM/DMRECOVERY
- SYSTEM/DMRECONFILTER
- SYSTEM/DMDATARECOVERY
- SYSTEM/DMUTILITY
- SYSTEM/COPYAUDIT
- SYSTEM/PRINTAUDIT
- SYSTEM/DBCERTIFICATION
- RECONSTRUCT/ADDSDB
- DMSUPPORT/ADDSDB
- RMSUPPORT/ADDSDB
In addition, the guard file should specify read access for any user or program that must use ADDS and for the SYSTEM/SIM/DMSIISUPPORT utility.
Protecting the ADDS Data Files
The ADDS data files are all the files prefixed by ADDSDB with the exception of the file called ADDSDB/CONTROL.
The contents of the guard file for the ADDS data files should specify read and write access for the DBA and for the following utilities and libraries:
- SYSTEM/DMRECOVERY
- SYSTEM/DMRECONFILTER
- SYSTEM/DMDATARECOVERY
- SYSTEM/DMUTILITY
- SYSTEM/COPYAUDIT
- SYSTEM/PRINTAUDIT
- SYSTEM/DBCERTIFICATION
- RECONSTRUCT/ADDSDB
- DMSUPPORT/ADDSDB
- RMSUPPORT/ADDSDB
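The control-file and data-file lists above differ by one entry (SYSTEM/DMCONTROL is listed only for the control file), which is easy to miss when one guard file is reused for both. The following added example, which is not part of the original documentation, audits guard entries against the lists on this page. The dictionary input format, the names DBA1 and USER7, and the file title ADDSDB/DATA1 are constructed assumptions, not MCP guard-file syntax.

```python
# Added example: audit guard-file entries against the access lists above.
# The dict-based input format is an assumption, not MCP guard-file syntax.

DATA_RW = {
    "SYSTEM/DMRECOVERY", "SYSTEM/DMRECONFILTER", "SYSTEM/DMDATARECOVERY",
    "SYSTEM/DMUTILITY", "SYSTEM/COPYAUDIT", "SYSTEM/PRINTAUDIT",
    "SYSTEM/DBCERTIFICATION", "RECONSTRUCT/ADDSDB", "DMSUPPORT/ADDSDB",
    "RMSUPPORT/ADDSDB",
}
CONTROL_RW = DATA_RW | {"SYSTEM/DMCONTROL"}   # control file only
CONTROL_RO = {"SYSTEM/SIM/DMSIISUPPORT"}      # read access only


def expected_access(file_title, dba, adds_users):
    """Return {principal: access} that this page calls for on one ADDS file."""
    if file_title == "ADDSDB/CONTROL":
        want = {p: "RO" for p in CONTROL_RO | set(adds_users)}
        want.update({p: "RW" for p in CONTROL_RW | {dba}})
        return want
    if file_title.startswith("ADDSDB/"):
        return {p: "RW" for p in DATA_RW | {dba}}
    raise ValueError(f"not an ADDS control or data file: {file_title}")


def audit(file_title, entries, dba, adds_users=()):
    """Compare guard entries with the expected set; return sorted findings."""
    want = expected_access(file_title, dba, adds_users)
    findings = []
    for principal, access in want.items():
        have = entries.get(principal)
        if have is None:
            findings.append(("MISSING", principal, access))
        elif have != access:
            findings.append(("WRONG_ACCESS", principal, f"{have}, expected {access}"))
    # Entries the page does not list for this file type need review.
    for principal in entries.keys() - want.keys():
        findings.append(("UNEXPECTED", principal, entries[principal]))
    return sorted(findings)


# Constructed sample: a data-file guard copied from the control-file guard,
# with one ordinary user added and one required utility dropped.
sample = {p: "RW" for p in CONTROL_RW | {"DBA1"}}
sample["USER7"] = "RO"
del sample["SYSTEM/PRINTAUDIT"]

if __name__ == "__main__":
    for finding in audit("ADDSDB/DATA1", sample, dba="DBA1"):
        print(*finding)
```
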
Limiting Access to Information in the Dictionary
Use the ADDS product to limit access to information stored in the dictionary. You can secure the information in the dictionary by defining security restrictions at the following levels:
- User-level security defines how each user can utilize the dictionary.
- Directory-level security defines the operations that a user can perform in a directory as a whole.
- Entity-level security is the final determination of whether or not a user can perform an operation on an entity.
For each security level you can designate any of the following access rights:
- No access
- Inquiry
- Update
- Data dictionary administrator access (user-level only)

