Introduction to intercommunication security

In a single CICS® region, you can use security to make sure that terminal users can access only those parts of the system they need to work with. For interconnected systems, the same basic principles apply, but you can also include definitions for connections, sessions, and partners. You must also consider that users of one CICS region can initiate transactions and access resources in another CICS region.

You must already familiar with setting up security for a single CICS system. In particular, you must understand the following concepts:

An interconnected group of CICS regions differ from a single CICS region in that you might have to define a user profile or group profile more than once. See RACF user profiles and RACF group profiles for information on defining these profiles. That is, you might have to define these profiles in each CICS region that is using a separate RACF® database, and in which a user is likely to want to attach a transaction or access a resource. When planning these profiles, you must consider all cases in which a user could initiate function shipping, transaction routing, asynchronous processing, distributed program link, distributed transaction processing, or external call interface (EXCI). For descriptions of these methods of intercommunication, see Introduction to CICS intercommunication and Concepts of distributed transaction programming.