SNAX/APC Configuration and Management Manual
Planning for SNAX/APC
SNAX/APC Configuration and Management Manual—138787
2-11
SNAX/APC Security
Client Conversation-Level Security
Client conversation-level security is implemented in the client transaction program. No
configuration of SNAX/APC is required.
Server Conversation-Level Security
Server conversation-level security is implemented by three components:
•
The SNAX/APC process performs the LU 6.2 protocol functions on behalf of TPs.
Security checking is controlled by the configuration of SNAX/APC and the security
manager.
•
The security manager, Safeguard, handles the definition and storage of security
information and the enforcement of the security rules.
•
The SNAX/APC security server process provides the interface between SNAX/APC
and the security manager.
Figure 2-3, The Components of Server Conversation-Level Security
shows the
relationship of these components and the interfaces that serve them.
The server transaction program is not involved in conversation-level security and it is not
aware of any security checking performed on its behalf. The server TP either gets a
conversation start request or it does not, depending on the success or failure of the
security checks.
The Security Manager
Currently, SNAX/APC supports Safeguard for use as the security manager. The
Safeguard subsystem is an optional Tandem product. Safeguard supports only client
authentication, the validation of user ID and password sent by a remote client TP.
Safeguard cannot perform client authorization, determining that a client TP is authorized
to start a conversation with a specific server TP.
Figure 2-3. The Components of Server Conversation-Level Security
014CDT .CDD
SNAX/APC
SNAX/APC
Security
Server
Security
Manager
(Safeguard)
Private Message System Interface
Tandem File System