By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
438,756 Members | 1,760 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 438,756 IT Pros & Developers. It's quick & easy.

DB2 less secure than CICS???

P: n/a
Whilst in CubeLand, I was informed that our 1970's era COBOL codebase
would not be modernized (?) to utilize Stored Procedures (bound COBOL
code in our case; they've not figured out SQL SP yet) because CICS is
more secure than DB2. I found this a fantastical statement. A review
of this forum didn't reveal any discussions along that line.

Is there any analytic or empirical evidence for this?? My suspicion is
that my COBOL/VSAM/CICS writing colleagues are simply looking for an
excuse to stay in their comfort zone. Any idea where to look for data
about this?
Feb 4 '07 #1
Share this Question
Share on Google+
1 Reply


P: n/a
"BobTheDataBaseBoy" <"xxx at rcn dot com"wrote in message
news:9p******************************@rcn.net...
Whilst in CubeLand, I was informed that our 1970's era COBOL codebase
would not be modernized (?) to utilize Stored Procedures (bound COBOL
code in our case; they've not figured out SQL SP yet) because CICS is
more secure than DB2. I found this a fantastical statement. A review
of this forum didn't reveal any discussions along that line.

Is there any analytic or empirical evidence for this?? My suspicion is
that my COBOL/VSAM/CICS writing colleagues are simply looking for an
excuse to stay in their comfort zone. Any idea where to look for data
about this?
DB2 is a database, and CICS is a TP monitor. In fact, many people use CICS
as the TP monitor for DB2 when developing online applications on MVS(z/OS).
Others use IMS/DC or occasionally TSO/Dialog Manager (which is not good for
a system with many users).

True, CICS has some transaction recovery features using VSAM, but it is not
anywhere as sophisticated as DBA, especially for hardware or system
failures. Certainly DB2 has much better security features against unwanted
access than VSAM (not sure what you mean by "more secure").

BTW, when using CICS and DB2, CICS is always the commit coordinator in the
two-phase commit sequence. So for example, when using pseudo-conversational
mode and a screen is presented to user, the CICS syncpoint causes DB2 to
COMMIT. In fact, when using CICS to access DB2, an explicit COMMIT SQL
statement is not allowed and you must always use EXEC CICS SYNCPOINT
instead.

Your suspicions are probably true, which probably means that no amount of
rational discourse would be productive. Maybe you can persuade them that
learning something new will enhance their careers and potentially be money
in their pockets.
Feb 4 '07 #2

This discussion thread is closed

Replies have been disabled for this discussion.