SAS preserves the data security that is provided by IMS and the operating system.
The
Database Administrator (
DBA) has control over who has access to an IMS
database. A user cannot use IMS facilities through the ACCESS procedure or the
SAS/ACCESS interface view engine unless the
PSB specified provides that user with the appropriate IMS authority. The PSB determines
whether a user can access an IMS database and, if so, the
type of access that you have to the database (Get, Insert, Replace, Delete, or All).
In addition to controlling access to a database, the PSB can also control access to
specific segments and fields in the database. To control
access to a specific database, the DBA can create several view descriptors that describe
the same data in the database,
and assign each
view descriptor a different PSB. Each PSB should define a different type of access to the database.
For example, one PSB would enable a user to insert data
in the database and another PSB would enable a user only to read the data in that
same database. This enables the DBA to provide each user with a PSB that defines
the type of database access the DBA wants to let that user have. Each
segment in a view descriptor must be specified in the PSB that is referenced in the view.