SECURIS®

3270 MAP Security

The options within the 3270 map security function are broad and add exciting depth
to the extent of securing a value within a specific field. At last, your enterprise
data security system can be in control of your Hogan data down to the field level.

Securing a Map Upon Input

Map input secures the data as it is deblocked (or input) from user entry.

Secure Map Input against screen scraping applications.

3270 map input secures map data when screen scraping is present.
A screen scraping application can bypass the protecting output attributes
by extracting the data from the screen. In this case, input security is used
to secure the data, as it is input from the screen scraping application.

• Action Level Security

• Protect an entire map from specific actions.

• For example, some users may have authority to process a 'CHG' action in the
• online restraints sub-system, while others are limited to 'INQ' and 'NXT'.
• Without XEC, users who have inquiry access also have update access.

• Field Level Security

• A 'Change' command may be allowed for a screen but only for some fields.
• Protect some fields on the map from maintenance while allowing
• other fields on the screen to be updated.

• Field Level Interrogation

• XEC takes field level security a step further by providing the interrogation
• of entered field contents. Authority to change field contents to the entered
• value may be checked and either allowed or denied.

Securing a Map Before Display

• Map output secures the data before it is displayed (or output) to the screen.

• Protect Entire Maps

• Map output security may be established to prevent the display of maps to
• particular workgroups or users. This gives the application owner the power to
• determine which user groups can access their functions while the enterprise
• data security system controls that access.

• For example, you may deny the viewing of REA maps from
• anyone outside the IRA Department.

• Alter Attribute Bytes Dynamically

• Rather than hardcode map display field attributes, use XEC to dynamically
• change the field attribute bytes based on the authority of the user signed on.
• You can protect or hide a field at the point of execution.

• For example, you may hide employee account deposits from view.
• Or, give access to enter interest rate codes to a few users and protect
• the field from all others by having the cursor skip the field.

• Field Level Interrogation

• Like input security, XEC output security can interrogate the field contents prior to
• display to determine what display authority this user has.

• For example, company sensitive data can be hidden from view at the point of
• execution when a user from a different company is inquiring on the account.

•