Today, an unprecedented number of computer system users are completely dependent on their systems, and on the data managed by those systems. There are now workstations and terminals in many different locations in most organizations, and their use is commonplace. At the same time, easy-to-use, high-level inquiry languages are available, and there is much greater familiarity with data processing methods. This means that more and more people can retrieve or modify data stored within a computer system.
The speed, flexibility, and size of modern systems make large quantities of data accessible to many users. As the systems become easier to use, there is also more scope for users to gain access to confidential or valuable data.
As an online transaction-processing system (often supporting many thousands of users), CICS® clearly needs the protection of a security system to ensure that the resources to which it manages access are protected, and are secure from unauthorized access.
To provide the necessary security for your CICS regions, CICS uses the MVS™ system authorization facility (SAF) to route authorization requests to an external security manager (ESM), such as RACF®, at appropriate points within CICS transaction processing.