MDSEC, the same product that prevents unauthorized access to MDXREF and MDCMS, may also be used to protect your own in-house iSeries applications.

The programmer simply describes an application function to MDSEC and then MDSEC assigns a security code to that function. The programmer then embeds a call to MDSEC's security checking function with the security code inside the necessary program(s) and a reply is given as to whether or not the user is authorized to the function.

The individual user authority levels can easily be set in seconds via the included security administration tools.

Authority levels handled by MDSEC

• a user or group of users
• an application or group of applications
• general authority to an application's function
• reduced authority to an application's function based on set limits (for example, the user is only allowed to delete an item if it has a value of less than 500).

Authorization List manager

The management of iSeries authorization lists is very cumbersome when done using the commands supplied by IBM. Included in MDSEC are the following tools for managing authorization lists:

• search lists for a specific user
• change or remove authorizations for all users in a list at once.
• change or remove all lists for a user at once
• map the authorization list entries for one user to another user or group of users.
• create, edit or delete the lists themselves.