All installation-delivered IDMS User-level programs must be properly secured.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-251590	IDMS-DB-000100	SV-251590r807637_rule		Medium

Description
If user-level programs are not secured, then unauthorized users may use them to access and manipulate various resources within the DBMS. Satisfies: SRG-APP-000033-DB-000084, SRG-APP-000211-DB-000122

STIG	Date
CA IDMS Security Technical Implementation Guide	2022-09-07

Details

Check Text ( C-55025r807635_chk )
The following are user-level batch programs that are executed using JCL rather than by the CV. As batch programs, they need to be secured by the external security manager (ESM) rather than through the SRTT. Validate the following suggested user-level programs are secured by the ESM: ADSBATCH ADSOBPLG CULPRIT IDMSBCF OLQBATCH OLQBNOTE Contact the security office to confirm that the programs in this list are secured. If the programs listed are not secured, this is a finding.

Check Text ( C-55025r807635_chk )

The following are user-level batch programs that are executed using JCL rather than by the CV. As batch programs, they need to be secured by the external security manager (ESM) rather than through the SRTT.

Validate the following suggested user-level programs are secured by the ESM:
ADSBATCH
ADSOBPLG
CULPRIT
IDMSBCF
OLQBATCH
OLQBNOTE

Contact the security office to confirm that the programs in this list are secured. If the programs listed are not secured, this is a finding.

Fix Text (F-54979r807636_fix)
Contact the security office to confirm that the programs in this list are secured via the ESM and assigned to the appropriate users. Each program listed must be secured.