Resource Access Control Facility: Difference between revisions
imported>Tai Lale m Reworded intro paragraph and added additional source. |
imported>Citation bot Altered isbn. Added date. Removed URL that duplicated identifier. Removed parameters. Some additions/deletions were parameter name changes. Upgrade ISBN10 to 13. | Use this bot. Report bugs. | #UCB_CommandLine |
||
| Line 2: | Line 2: | ||
{{More citations needed|date=August 2012}} | {{More citations needed|date=August 2012}} | ||
'''Resource Access Control Facility (RACF)''' is an [[IBM]] software security product that provides access control and auditing functions for the [[z/OS]] and [[z/VM]] [[operating system]]s.<ref>{{Cite book |last=Winnard 1 |title=IBM z/OS V2R2: Security | | '''Resource Access Control Facility (RACF)''' is an [[IBM]] software security product that provides access control and auditing functions for the [[z/OS]] and [[z/VM]] [[operating system]]s.<ref>{{Cite book |last=Winnard 1 |title=IBM z/OS V2R2: Security |date=December 2015 |isbn=978-0738441276}}</ref> RACF was introduced in 1976.<ref name="IBMRACF">{{cite web|url=http://www.ibm.com/eserver/zseries/racf|title=IBM RACF |website=[[IBM]] | accessdate = August 17, 2012 | ref=IBMRACF}}</ref> Originally called RACF it was renamed to '''z/OS Security Server''' ('''RACF'''), although many mainframe professionals still refer to it as RACF.<ref>{{Cite web|date=2015-07-02|title=z/OS Security Server (RACF)|url=https://www.ibm.com/docs/en/zos/2.2.0?topic=sets-zos-security-server-racf|access-date=2021-08-06|website=www.ibm.com|language=en-us}}</ref> | ||
Its main features are:<ref name="IBMRACF" /> | Its main features are:<ref name="IBMRACF" /> | ||
| Line 17: | Line 17: | ||
== Books == | == Books == | ||
The first text book published (first printing December 2007) aimed at giving security professionals an introduction to the concepts and conventions of how RACF is designed and administered was ''Mainframe Basics for Security Professionals: Getting Started with RACF'' by Ori Pomerantz, Barbara Vander Weele, Mark Nelson, and Tim Hahn.<ref name=":0">{{Cite book | The first text book published (first printing December 2007) aimed at giving security professionals an introduction to the concepts and conventions of how RACF is designed and administered was ''Mainframe Basics for Security Professionals: Getting Started with RACF'' by Ori Pomerantz, Barbara Vander Weele, Mark Nelson, and Tim Hahn.<ref name=":0">{{Cite book|title=Mainframe basics for security professionals: getting started with RACF|date=2008|publisher=IBM Press|author=Ori Pomerantz|isbn=978-0-13-173856-0|location=Upper Saddle River, NJ|oclc=213380831}}</ref> | ||
== Evolution == | == Evolution == | ||
Latest revision as of 15:11, 18 July 2025
Template:Short description Script error: No such module "Unsubst".
Resource Access Control Facility (RACF) is an IBM software security product that provides access control and auditing functions for the z/OS and z/VM operating systems.[1] RACF was introduced in 1976.[2] Originally called RACF it was renamed to z/OS Security Server (RACF), although many mainframe professionals still refer to it as RACF.[3]
Its main features are:[2]
- Identification and verification of a user via user id and password check (authentication)
- Identification, classification and protection of system resources
- Maintenance of access rights to the protected resources (access control)
- Controlling the means of access to protected resources
- Logging of accesses to a protected system and protected resources (auditing)
RACF establishes security policies rather than just permission records. It can set permissions for file patterns—that is, set the permissions even for files that do not yet exist. Those permissions are then used for the file (or other object) created at a later time.[4]
Community
There is a long established technical support community for RACF based around a LISTSERV operated out of the University of Georgia. The list is called RACF-L which is described as RACF Discussion List. The email address of the listserv is RACF-L@LISTSERV.UGA.EDU and can also be viewed via a webportal at https://listserv.uga.edu/scripts/wa-UGA.exe .[5][6]
Books
The first text book published (first printing December 2007) aimed at giving security professionals an introduction to the concepts and conventions of how RACF is designed and administered was Mainframe Basics for Security Professionals: Getting Started with RACF by Ori Pomerantz, Barbara Vander Weele, Mark Nelson, and Tim Hahn.[4]
Evolution
RACF has continuously evolved[7] to support such modern security features as digital certificates/public key infrastructure services, LDAP interfaces, and case sensitive IDs/passwords. The latter is a reluctant concession to promote interoperability with other systems, such as Unix and Linux. The underlying zSeries (now IBM Z) hardware works closely with RACF. For example, digital certificates are protected within tamper-proof cryptographic processors. Major mainframe subsystems, especially Db2, use RACF to provide multi-level security (MLS).
Its primary competitors have been ACF2 and TopSecret, both now produced by CA Technologies.[8]
References
<templatestyles src="Reflist/styles.css" />
- ↑ Script error: No such module "citation/CS1".
- ↑ a b Script error: No such module "citation/CS1".
- ↑ Script error: No such module "citation/CS1".
- ↑ a b Script error: No such module "citation/CS1".
- ↑ Script error: No such module "citation/CS1".
- ↑ Script error: No such module "citation/CS1".
- ↑ Script error: No such module "citation/CS1".
- ↑ Jeffrey Yost, "The Origin and Early History of the Computer Security Software Products Industry," IEEE Annals of the History of Computing 37 no. 2 (2015): 46-58 doi
Script error: No such module "Check for unknown parameters".