Security levels
The operating system operates in one of several predefined levels of security. The security level currently in effect determines the level of detail that user profiles must provide to grant appropriate access to system resources. This level of detail can range from simple password management to explicitly providing a level of access to each object that a user can read or change.
Security on your system is arranged in a series of levels or classes, each offering a greater degree of security and protection of your data than the previous. Select the level that best meets the needs of your organization.
You can use iSeries™ Navigator to change these settings on a single system or across multiple systems.
- Level 20
- This level is referred to as password security. That is, users must have a password and user ID that is recognized by your system to gain access to the system. Both the user ID and initial password are created for users by the system administrator.
This level of security offers all users on the system total authority to do anything they want. That means they can access all data, files, objects, and so on, on your system. This might be appropriate for small businesses where internal security is a low priority, but will likely be inappropriate for larger businesses that do not want every employee to be able to access confidential payroll files, for example.
- Level 30
- This level is referred to as resource security. That is, users must have a valid user ID and password defined for them by the system administrator, and no longer have automatic access to everything on the system. User access is limited by the security policies of the business.
- Level 40
- This level is referred to as system integrity security. That is, at this level, the system itself is protected against users. User-written programs cannot directly access the internal control blocks through pointer manipulation.
Level 40 is the default security level for every new installation.
- Level 50
- This level is referred to as enhanced system integrity security. Level 50 is the recommended level of security for most businesses, because it offers the highest level of security currently possible. Not only is the system protected against user-written programs, but it ensures that users only have access to data on the system, rather than information about the system itself. This offers greater security against anyone attempting to learn about your system.
Parent topic:
Security and user authority