This course describes the objects that make up a typical application environment. In particular, it details the security-related tasks that should be performed when installing a new application system.
The course begins with a discussion of application libraries. You will see common library organization strategies and how to define a library for a group of users. The discussion is then repeated for integrated file system directories.
Next, the course describes how you can provide additional protection by creating dedicated message, output, and job queues for an application. Then, you will see how to control access to devices: in particular, how to limit access to a workstation to those users who are members of a specified group.
The course then describes the role of the job description in establishing the user's environment. Special consideration is given to eliminating security exposures made possible by the creative use of a job description.
The course ends with a summary of the recommended sequence of tasks to set up an application.
Approximate Study Time: 2 hours
After completing this course, you should be able to:
- Identify the security issues that need to be considered when defining each object that makes up an application's environment
- Create a library, a directory, an output queue, and a job description for use by an application
- Change the current library and home directory of a user
- Restrict access to workstations and other devices
- Specify the recommended sequence of tasks to set up an application
Controlling Device Access
Creating a Job Description
Setting Up an Application System
The course is intended for security officers and other personnel who are responsible for designing and implementing a system security plan. The audience also includes system administrators, programmers, managers, and users who will participate in security planning for the system as a whole or for one or more applications.
This course assumes that you are familiar with the concepts and basic operations of IBM i systems. You can satisfy these prerequisites by successfully completing the courses in the following series:
Finally, the course assumes that you have an understanding of IBM i security concepts, including group profiles, authorization lists, and adopted authority. You can satisfy this prerequisite by successfully completing the previous courses of this series:
- Introduction to IBM i Security
- Granting Object Authority
- Controlling Application Security
- System Security Considerations
You may also have obtained these skills by taking other courses or through relevant work experience.