When IMS was developed, security products such as the Resource Access Control Facility (RACF) had not yet been developed, or were not in use by most installations. Before RACF was developed, it was common for each subsystem to implement its own security. Therefore, IMS offered basic levels of protection for IMS resources. These internal IMS security facilities (for example, the Security Maintenance utility, access specifications in DBDs, or command authorization) are available for protecting many IMS resource types and are used by some IMS installations today. With the development and introduction of security products, such as RACF, more and more installations have implemented security for IMS resources using such security products. |