6 Chapter 6. CICS Transaction Gateway This chapter looks at the security issues that you face when using a service-oriented architecture (SOA) for your CICS applications, using the CICS Transaction Gateway (TG). This chapter discusses how the CICS TG addresses the issues of authentication, authorization, data integrity, and confidentiality. It also examines how CICS and the CICS TG work together with an External Security Manager such as Resource Access Control Facility (RACF) to provide these facilities. You must decide whether you want to run the CICS TG on z/OS, or on a distributed platform such as a Windows® or a UNIX platform, and flow the request over a network to a remote CICS region. If you are using a distributed platform, you have the choice of whether to reuse the CICS 3270 interface by using the CICS TG external presentation interface (EPI) methods, or whether to interface with the CICS business logic using the CICS TG external call interface (ECI) methods. © Copyright IBM Corp. 2006. All rights reserved. 185