An integrated set of management

and security tools for CICS



CICS-Lock - Description
 

CICS-Lock is a user-friendly alternative to CICS terminal time-out. This tool enhances terminal security while providing CICS users with the convenience of extended connect time. CICS-Lock ensures privacy of data even while a CICS session is left unattended.

You can invoke CICS-Lock either by request or automatically after an installation-defined interval expires. CICS-Lock replaces the user’s screen with a locked notification message that includes a password validation prompt. After password validation, your CICS session, terminal data, next Tranid, and COMMAREA are restored as if the interrupt did not occur.

The controls and exclusions for CICS-Lock can be updated dynamically by the CICS-Lock Manager. Lock and disconnect intervals can range from 0-999 minutes, where 0 denotes no locking or disconnects. CICS-Lock supports three exit points:

  • The Password Verification Exit (ERIXPWP0), which enables you to write your own routine for verifying user passwords.
  • The Lock Parameter Exit (LCKPRMP0), which enables you to customize lock and disconnect interval processing at the individual user level.
  • The Transaction Time-out Table (LCKTRNTB), which enables you to customize lock and disconnect interval processing by transaction id.


CICS-Lock - Use Case
 

The Terminal Lock Facility for CICS

"... a user-friendly alternative to CICS terminal time-out. CICS-Lock replaces unattended CICS terminal screens with a password prompt."

A hospital in the Midwest has CICS terminals at stations throughout the patient care facility. These terminals display confidential patient records to authorized users. When an authorized user leaves the display unattended, privacy is compromised.

The challenge:

To automatically erase confidential data from unattended CICS terminals and resume the session after authenticating the user.

The solution:

CICS-Lock lets you replace CICS terminal time-out with an alternative that both administrators and end-users appreciate. Unattended terminals are automatically locked after an inactivity interval that you customize for any installation requirement. For convenience, users can initiate CICS-Lock from a hot key. CICS-Lock replaces the user's screen with a locked notification message that includes a password validation prompt. After password validation, the user's session is restored as if the interrupt did not occur. If a customizable disconnect interval elapses with no terminal input, CICS-Lock releases the device.

Bottom line:

A CICS operating environment that is more secure and easier to use.

Features and Benefits:

  • Improves security
  • Locks unattended terminals automatically
  • Optional hot-key for user initiated lock
  • Provides dynamic, installation defined, lock and disconnect intervals
  • Supports customizable lock and disconnect intervals per userid or tranid
  • Fully supports MRO/ISC
  • SAF compatible (supports RACF and ACF2)