Table of contents
IBM i security protects the system and sensitive information against intentional and unintentional security breaches and threats. The security plan must take into account the three main levels of security, which are :
System-level security : physical location and access to the machine.
User-level security : user ID and password.
Ressource-level security : this determines who can use an object, what rights they have to the object and which functions they can perform.
**System values define the working environment. They can be thought of as setting standards that affect the entire system. To modify system values, we should have the *USE right to use the CHGSYSVAL command, it can be *ALLOBJ authority or SECADM for security-related system values or AUDIT for auditing.
WRKSYSVAL SYSVAL(*SEC) → Work with all security system values
<aside> ⛔
System values are not objects, but rather, a control information for the operation of certain parts of the system Some system values require special authorization, others require an IPL to take effect
</aside>
QSECURITY : System security level
<aside> 💡
QSECURITY is defining the overall system security 40 is the recommended security level 50 is intended for systems with very high security requirements (it can affects performance due to the additional verification carried out by the system)
</aside>
QMAXSIGN : Maximum sign-on attempts allowed
<aside> 💡
QMAXSIGN controls the number of consecutive login attempts allowed for users The default value is 3 attempts
</aside>
QMAXSGNACN : Action to take for failed signon attempts