BS2000 offers a number of different access protection mechanisms. Some of these form part of the BS2000 basic configuration whereas others can only be used in conjunction with SECOS. All the access protection mechanisms are object-oriented, i.e. the subjects which can and cannot access an object are specified.

Here, an object is the element that is to be protected. These are usually files. However, depending on the protection mechanism that is used, other objects such as job variables are possible.

The term subject refers to the instance that wants to access the object. Usually, these are the users of the system.

For each object that is to be protected, it is necessary to specify which subjects are permitted access. This specification may be made individually or as part of a set. The action protection mechanisms differ according to the following criteria:

• Method used to define access protection for objects

• Level of detail with which access protection for objects can be defined