IBM Z Software
This portal is to open public enhancement requests against IBM Z Software products. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).
Shape the future of IBM!
We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:
Search existing ideas
Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,
Post your ideas
Post an idea.
Get feedback from the IBM team and other customers to refine your idea.
Follow the idea through the IBM Ideas process.
Specific links you will want to bookmark for future use
Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.
IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.
ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.
Hi Holger Wunderlich,
Thank you for your interest in keeping IMS a vital and successful product.
We are happy to notify you that the RFE 33691 has been delivered in IMS 14 APAR PI68127 and IMS 15 APAR PI77663. Also the additional reqs for JZOS are implemented in the IMS 14 APAR PI82480 and IMS 15 APAR PI84302.
Thanks again for your continuous support on IMS.
Haley Fung - hfung@us.ibm.com
After another discussion with my customer we see also security issues if not implemented. Pls see additional arguments here,
The JZOS SYSIN PARSER
would allow to consume IMS/JAVA configuration pieces
from various sources (eg datasets, members, files defined in a STDENV concatenation)
in a controlled and hierarchical manner
Security
The proposed change would allow a customer to implement realms
thus different teams (RACF connect groups) have access to
different parts of the Java configuration for IMS
This would implement clean separation of concerns and configuration change audit trail
(as existing in classical IMS environments today).
Not having this would open a security breach into IMS as
either application people have the ability to change infrastructure definitions
or the other way arround
in addition:
Operations
a)The JZOS implementation would allow to have a common piece of configuration shared over many
regions combined with individual configuration to be concatenated.
this would allow for systemwide, lpar wide, ims wide, application wide or region specific configuration
b) JZOS technique would allow IMS to consume UNIX environment variables set by the system admin
Compatibility/migration
JCL compatibility to existing JZOS batches
would allow easy transition from JZOS to IMS MPP
Status today:
Today there is an high risk to fail an security audit (PCIDSS, BAFIN) if one person/role has to configure IMS for various roles or various roles have the authority to configure everything.
IMS does not allow a secure and consumable configuration option for JAVA today
One can only feed on memer for envvars and command line options
ENVIRON= member
JVMOPMAS=member
Effect if not imlemented:
High risk to fail an security audit (PCIDSS, BAFIN), consequently high risc in terms of data security
Cheers / Holger Wunderlich