The security checking that is performed by the SDT LOGON and CONNECT operations is introduced in How a data table is shared. You should consider the implications of the security checks before sharing a file that is associated with a data table.
For information about RACF®, function-shipping security, and implementing security checking for shared data tables, see the CICS® RACF Security Guide.
To minimize the risk that an application-owning region (AOR) might accept counterfeit data records from a file-owning region (FOR) that is in fact an impostor, LOGON processing includes a security check to verify that the FOR is authorized to act as a server with the specified application name. This check is never bypassed, even when SEC=NO is specified at system initialization.
The security checks performed at CONNECT time provide two levels of security:
SDT provides no way of implementing those security checks that an FOR makes at the transaction level when ATTACHSEC(IDENTIFY) or ATTACHSEC(VERIFY) is used with function shipping.