©HCCS & IBM® 2009 Stephen Linkin 1 Security On z/OS Stephen S. Linkin Houston Community College ©...
-
Upload
holly-jacobs -
Category
Documents
-
view
214 -
download
1
Transcript of ©HCCS & IBM® 2009 Stephen Linkin 1 Security On z/OS Stephen S. Linkin Houston Community College ©...
![Page 1: ©HCCS & IBM® 2009 Stephen Linkin 1 Security On z/OS Stephen S. Linkin Houston Community College © HCCS and IBM 2009.](https://reader035.fdocuments.us/reader035/viewer/2022080916/56649e995503460f94b9ba81/html5/thumbnails/1.jpg)
1©HCCS & IBM® 2009Stephen Linkin
Security On z/OS
Stephen S. LinkinHouston Community College
© HCCS and IBM 2009
![Page 2: ©HCCS & IBM® 2009 Stephen Linkin 1 Security On z/OS Stephen S. Linkin Houston Community College © HCCS and IBM 2009.](https://reader035.fdocuments.us/reader035/viewer/2022080916/56649e995503460f94b9ba81/html5/thumbnails/2.jpg)
2©HCCS & IBM® 2009Stephen Linkin
4/20/09
Why Security?
Easy To Create And Access Computerized Information
Dependent On Computer Systems Intentional/Accidental Damage System Cannot Be Compromised
![Page 3: ©HCCS & IBM® 2009 Stephen Linkin 1 Security On z/OS Stephen S. Linkin Houston Community College © HCCS and IBM 2009.](https://reader035.fdocuments.us/reader035/viewer/2022080916/56649e995503460f94b9ba81/html5/thumbnails/3.jpg)
3©HCCS & IBM® 2009Stephen Linkin
4/20/09
Security Facilities of z/OS
Provide Individual And Group Authority Block Viruses, And Trojan Horses Main Threat Within Do Not Permit General TSO/ISPF Users
Access To Production Systems
![Page 4: ©HCCS & IBM® 2009 Stephen Linkin 1 Security On z/OS Stephen S. Linkin Houston Community College © HCCS and IBM 2009.](https://reader035.fdocuments.us/reader035/viewer/2022080916/56649e995503460f94b9ba81/html5/thumbnails/4.jpg)
4©HCCS & IBM® 2009Stephen Linkin
4/20/09
Security Roles
System Programmer
Security Administrator
![Page 5: ©HCCS & IBM® 2009 Stephen Linkin 1 Security On z/OS Stephen S. Linkin Houston Community College © HCCS and IBM 2009.](https://reader035.fdocuments.us/reader035/viewer/2022080916/56649e995503460f94b9ba81/html5/thumbnails/5.jpg)
5©HCCS & IBM® 2009Stephen Linkin
4/20/09
The IBM Security Server
Basic Provisions User ID and Password Restricting Functions
Component List DCE Security Server LDAP Server z/OS Firewall Network Authentication Service Enterprise Identity Mapping PKI Services Resource Access Control Facility (RACF)
![Page 6: ©HCCS & IBM® 2009 Stephen Linkin 1 Security On z/OS Stephen S. Linkin Houston Community College © HCCS and IBM 2009.](https://reader035.fdocuments.us/reader035/viewer/2022080916/56649e995503460f94b9ba81/html5/thumbnails/6.jpg)
6©HCCS & IBM® 2009Stephen Linkin
4/20/09
The IBM Security Server
RACF Identify And Authenticate Users Authorize Users To Access Protected
Resources Log And Report Attempted
Unauthorized Access Control Access To Resources Allow Applications To Use RACF
Macros
![Page 7: ©HCCS & IBM® 2009 Stephen Linkin 1 Security On z/OS Stephen S. Linkin Houston Community College © HCCS and IBM 2009.](https://reader035.fdocuments.us/reader035/viewer/2022080916/56649e995503460f94b9ba81/html5/thumbnails/7.jpg)
7©HCCS & IBM® 2009Stephen Linkin
4/20/09
The IBM Security Server
System Authorization Facility (SAF)
![Page 8: ©HCCS & IBM® 2009 Stephen Linkin 1 Security On z/OS Stephen S. Linkin Houston Community College © HCCS and IBM 2009.](https://reader035.fdocuments.us/reader035/viewer/2022080916/56649e995503460f94b9ba81/html5/thumbnails/8.jpg)
8©HCCS & IBM® 2009Stephen Linkin
4/20/09
Security Administration
RACF Remote Sharing Facility (RRSF) RACF With Middleware
![Page 9: ©HCCS & IBM® 2009 Stephen Linkin 1 Security On z/OS Stephen S. Linkin Houston Community College © HCCS and IBM 2009.](https://reader035.fdocuments.us/reader035/viewer/2022080916/56649e995503460f94b9ba81/html5/thumbnails/9.jpg)
9©HCCS & IBM® 2009Stephen Linkin
4/20/09
Operator Console Security
Multiple Console Support (MCS) AUTH keyword on CONSOLE statement
for CONSOLxx LOGON keyword in DEFAULT statement
and RACF commands and profiles.
![Page 10: ©HCCS & IBM® 2009 Stephen Linkin 1 Security On z/OS Stephen S. Linkin Houston Community College © HCCS and IBM 2009.](https://reader035.fdocuments.us/reader035/viewer/2022080916/56649e995503460f94b9ba81/html5/thumbnails/10.jpg)
10©HCCS & IBM® 2009Stephen Linkin
4/20/09
Integrity
z/OS Has Program Integrity And Security The Authorized Program Facility (APF) Storage Protection Cross-memory Communication
Authorized Programs
![Page 11: ©HCCS & IBM® 2009 Stephen Linkin 1 Security On z/OS Stephen S. Linkin Houston Community College © HCCS and IBM 2009.](https://reader035.fdocuments.us/reader035/viewer/2022080916/56649e995503460f94b9ba81/html5/thumbnails/11.jpg)
11©HCCS & IBM® 2009Stephen Linkin
4/20/09
Integrity
z/OS Has Program Integrity And Security The Authorized Program Facility (APF) Storage Protection Cross-memory Communication
Authorized Programs Storage Protection Cross-memory Communication
![Page 12: ©HCCS & IBM® 2009 Stephen Linkin 1 Security On z/OS Stephen S. Linkin Houston Community College © HCCS and IBM 2009.](https://reader035.fdocuments.us/reader035/viewer/2022080916/56649e995503460f94b9ba81/html5/thumbnails/12.jpg)
12©HCCS & IBM® 2009Stephen Linkin
4/20/09
Integrity
z/OS Has Program Integrity And Security The Authorized Program Facility (APF) Storage Protection Cross-memory Communication
Authorized Programs Storage Protection Cross-memory Communication Z/OS Firewall Technologies
![Page 13: ©HCCS & IBM® 2009 Stephen Linkin 1 Security On z/OS Stephen S. Linkin Houston Community College © HCCS and IBM 2009.](https://reader035.fdocuments.us/reader035/viewer/2022080916/56649e995503460f94b9ba81/html5/thumbnails/13.jpg)
13©HCCS & IBM® 2009Stephen Linkin
4/20/09
Summary
Read The Redbook