Resource Access Control Facility (RACF) is an IBM software security product that provides access control and auditing functions for the z/OS and z/VM operating systems. RACF was introduced in 1976. Originally called RACF, it was renamed to z/OS Security Server (RACF), although many mainframe professionals still refer to it as RACF. Its main features are:

* Identification and verification of a user via user ID and password check (authentication)
* Identification, classification and protection of system resources
* Maintenance of access rights to the protected resources (access control)
* Controlling the means of access to protected resources
* Logging of accesses to a protected system and protected resources (auditing)

RACF establishes security policies rather than just permission records. It can set permissions for file patterns, that is, set the permissions even for files that do not yet exist. Those permissions are then used for the file (or other object) created at a later time.
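The following is an added example, not part of the original page and not IBM code: a small Python model of pattern-based profiles, showing that a rule defined before a file exists governs it once it is created, and that only the most specific matching pattern is consulted. The matching rules (`%`, `*`, trailing `.**`), the specificity measure, the deny-when-uncovered default and the names `PAYROLL`, `ALICE` and `BOB` are simplifying assumptions for illustration, not RACF's exact algorithm.

```python
import re

# RACF access levels, lowest to highest authority.
LEVELS = ["NONE", "EXECUTE", "READ", "UPDATE", "CONTROL", "ALTER"]

def to_regex(pattern):
    """Simplified generic matching: % = one character, * = rest of a
    qualifier, trailing .** = zero or more further qualifiers."""
    rx = re.escape(pattern).replace(r"\%", "%")
    rx = rx.replace(r"\.\*\*", r"(\.[^.]+)*")
    rx = rx.replace(r"\*", "[^.]*").replace("%", "[^.]")
    return re.compile(rx + r"\Z")

def specificity(pattern):
    # Simplification: more literal characters = more specific profile.
    return len(pattern.replace("*", "").replace("%", ""))

class ProfileDB:
    def __init__(self):
        self.profiles = {}  # pattern -> (universal access, {user: level})

    def define(self, pattern, uacc="NONE"):
        self.profiles[pattern] = (uacc, {})

    def permit(self, pattern, user, level):
        self.profiles[pattern][1][user] = level

    def covering(self, name):
        # Only the single most specific matching pattern is consulted.
        hits = [p for p in self.profiles if to_regex(p).match(name)]
        return max(hits, key=specificity, default=None)

    def check(self, user, name, wanted):
        profile = self.covering(name)
        if profile is None:
            return False  # model assumption: no covering profile = deny
        uacc, acl = self.profiles[profile]
        granted = acl.get(user, uacc)
        return LEVELS.index(granted) >= LEVELS.index(wanted)

def build_policy():
    db = ProfileDB()  # constructed sample policy; no files exist yet
    db.define("PAYROLL.**")
    db.permit("PAYROLL.**", "ALICE", "READ")
    db.define("PAYROLL.Y%%%%.MASTER")
    db.permit("PAYROLL.Y%%%%.MASTER", "BOB", "UPDATE")
    return db
```

In this model, `build_policy().check("ALICE", "PAYROLL.Y2031.MASTER", "READ")` is denied even though the broader `PAYROLL.**` pattern grants ALICE read access, because the narrower pattern covers that name and does not list her.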


Community

There is a long-established technical support community for RACF based around a LISTSERV operated out of the University of Georgia. The list is called RACF-L, which is described as "RACF Discussion List". The email address of the listserv is [email protected] and can also be viewed via a web portal at https://listserv.uga.edu/scripts/wa-UGA.exe .


Books

The first textbook published (first printing December 2007) aimed at giving security professionals an introduction to the concepts and conventions of how RACF is designed and administered was "Mainframe Basics for Security Professionals: Getting Started with RACF" by Ori Pomerantz, Barbara Vander Weele, Mark Nelson, and Tim Hahn.


Evolution

RACF has continuously evolved to support such modern security features as digital certificates/public key infrastructure services, LDAP interfaces, and case-sensitive IDs/passwords. The latter is a reluctant concession to promote interoperability with other systems, such as Unix and Linux. The underlying zSeries (now IBM Z) hardware works closely with RACF. For example, digital certificates are protected within tamper-proof cryptographic processors. Major mainframe subsystems, especially Db2, use RACF to provide multi-level security (MLS). Its primary competitors have been ACF2 and TopSecret, both now produced by CA Technologies. (Jeffrey Yost, "The Origin and Early History of the Computer Security Software Products Industry," IEEE Annals of the History of Computing 37 no. 2 (2015): 46-5)


External links




RACF - An Overview