Documentation - V-251636

Title

IDMS must prevent users without the appropriate access from executing privileged functions or tasks within the IDMS environment.

Description

<VulnDiscussion>In general, all functions within IDMS can be controlled, therefore it is up to the IDMS system administrator to determine which functions or tasks are secured or require proper authorization. Any function within the IDMS environment can be considered privileged if the administrator deems it appropriate. Access to different functions is protected through a number of load modules that are generated from assembler macros. The load modules are RHDCSRTT, IDMSCTAB, and IDMSUTAB. The re...

Fix Text (Documentation Requirement)

1. Define the functions to secure using the #SECRTT, #CTABGEN, and #UTABGEN macros. See the IDMS documentation for information on how use these macros to secure the CA IDMS environment. 2. Protect the IDMS macro libraries with the ESM's dataset level security (see the ESM's documentation to restrict access except for the administrators). 3. Protect the IDMS custom load library containing the RHDCUXIT, RHDCSRTT, IDMSCTAB, or IDMSUTAB modules. See the ESM's documentation to restrict access except for the IDMS Central Version, administrators, and any other users who require access. 4. If access must be restricted to the CA IDMS Database files in Local Mode, and the CA IDMS Database files are not properly secured using an ESM, then do so. All pertinent CA IDMS software load libraries and c...