In response to a Wed, 14 Jan 2009 08:00:36 +0200 message from Itschak Mugzach <imugz...@gmail.com>:
You seem to be mixing terminology, and possibly causing confusion, Itschak. (Though I think Chris understands what you've said and has provided some good pointers.) You start out by saying > Now, there is no way to stop some one in org "A" to simply logon to org "B" > CICS. Logging on to CICS is controlled by the user ID and password provided during the CICS signon processing. You go on to say: >Believe me, I tried it and accessed many vtam applications. few of >them where no protected well. Some of them uses default ACB names. the >ability to finally logon into is depend on the level of security implemented >at org "B". What you're talking about there is NOT "logging on to CICS" but connecting to org B's system, via VTAM, and logging on to other VTAM applications they have, not CICS. I'm not disputing that you were able to do that, but I feel it's important to properly express what has happened and thus, perhaps, avoid confusion. And yes, the ability to logon to B's applications, if you can reach B via an LU2 connection, is dependent on the security implemented at B and in its applications. -- Walt Farrell, CISSP IBM STSM, z/OS Security Design ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
