Identifying Users

When planning INCONTROL security implementation, it is recommended that the security administrator identify the users or group of users for the test or production environment.

Typically, the IOA environment is intended for the following types of user categories:

Users who install and customize INCONTROL products, and determine implementation and policy issues
Users who create and update definitions of IOA entities, such as prerequisite conditions
Users who use and operate INCONTROL products
Users with special user IDs, such as long-running started tasks or specific system jobs. To determine the security related setup that these users require see Basic Definition Security Calls, and Extended Definition Security Calls.

Access to each protected element is controlled by verifying that the active user ID is authorized to perform each specific function. The specified user ID for authorization varies, depending on the environment being used. User IDs can be one of the following types:

Table 1 User IDs

Type	Description
Online User	User ID used to log in the IOA online environment
Execution User	User ID associated with a running job or a started task
Definition Owner	User ID specified in the owner field in the definition of the mission or job, and so on
JCL User	User ID associated with a batch job

When a security interface module performs a security authorization check, the user ID that is checked for the operation can be any of the user IDs described above, depending on the environment in that the operation is performed.

Parent Topic

IOA Security