The iSeries Blog

Aug 15 2007   3:02PM GMT

iSeries user accountability help from Search400.com reader



Posted by: Atrujillo
Tags:
Security – alerts – compliance
System management

After reading Establishing user accountability in AS400, the iSeries security expert response from Carol Woodbury, one reader sent us this comment to round out her answer. Thanks, Tom!


Especially with QSECOFR, it’s difficult to guarantee full accountability. Whatever QSECOFR can put in place, QSECOFR can remove. There are potential items that can help though.

For interactive work, for example, a routing program might intercept the job and prompt for an individual’s identification. This might consist of a user/password prompt that could be tested against actual user/password via perhaps the Get Profile Handle (QSYGETPH) API, followed by Release Profile Handle (QSYRLSPH) API if successful.

The routing program might continue by setting job logging levels or various audit attributes before transferring control to QSYS/QCMD (or your own request-processing program). Before transferring control, it might send scope messages to ensure that end-of-job logging also occurred or set condition handlers for similar purposes.

None of that *guarantees* anything. But it can help when an auditor asks what’s been done.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: