1©HCCS & IBM® 2009Stephen Linkin
Security On z/OS
Stephen S. LinkinHouston Community College
© HCCS and IBM 2009
2©HCCS & IBM® 2009Stephen Linkin
4/20/09
Why Security?
Easy To Create And Access Computerized Information
Dependent On Computer Systems Intentional/Accidental Damage System Cannot Be Compromised
3©HCCS & IBM® 2009Stephen Linkin
4/20/09
Security Facilities of z/OS
Provide Individual And Group Authority Block Viruses, And Trojan Horses Main Threat Within Do Not Permit General TSO/ISPF Users
Access To Production Systems
4©HCCS & IBM® 2009Stephen Linkin
4/20/09
Security Roles
System Programmer
Security Administrator
5©HCCS & IBM® 2009Stephen Linkin
4/20/09
The IBM Security Server
Basic Provisions User ID and Password Restricting Functions
Component List DCE Security Server LDAP Server z/OS Firewall Network Authentication Service Enterprise Identity Mapping PKI Services Resource Access Control Facility (RACF)
6©HCCS & IBM® 2009Stephen Linkin
4/20/09
The IBM Security Server
RACF Identify And Authenticate Users Authorize Users To Access Protected
Resources Log And Report Attempted
Unauthorized Access Control Access To Resources Allow Applications To Use RACF
Macros
7©HCCS & IBM® 2009Stephen Linkin
4/20/09
The IBM Security Server
System Authorization Facility (SAF)
8©HCCS & IBM® 2009Stephen Linkin
4/20/09
Security Administration
RACF Remote Sharing Facility (RRSF) RACF With Middleware
9©HCCS & IBM® 2009Stephen Linkin
4/20/09
Operator Console Security
Multiple Console Support (MCS) AUTH keyword on CONSOLE statement
for CONSOLxx LOGON keyword in DEFAULT statement
and RACF commands and profiles.
10©HCCS & IBM® 2009Stephen Linkin
4/20/09
Integrity
z/OS Has Program Integrity And Security The Authorized Program Facility (APF) Storage Protection Cross-memory Communication
Authorized Programs
11©HCCS & IBM® 2009Stephen Linkin
4/20/09
Integrity
z/OS Has Program Integrity And Security The Authorized Program Facility (APF) Storage Protection Cross-memory Communication
Authorized Programs Storage Protection Cross-memory Communication
12©HCCS & IBM® 2009Stephen Linkin
4/20/09
Integrity
z/OS Has Program Integrity And Security The Authorized Program Facility (APF) Storage Protection Cross-memory Communication
Authorized Programs Storage Protection Cross-memory Communication Z/OS Firewall Technologies
13©HCCS & IBM® 2009Stephen Linkin
4/20/09
Summary
Read The Redbook
Top Related