Resource Access Control Facility


Introduction

RACF, pronounced "Rack-Eff", short for Resource Access Control Facility, is an IBM software product. It is a security system that provides access control and auditing functionality for the z/OS and z/VM operating systems. RACF was introduced in 1976. Originally called RACF, it was renamed to z/OS Security Server (RACF), although most mainframe folks still refer to it as RACF. Its main features are:

* Identification and verification of a user via user id and password check (authentication)
* Identification, classification and protection of system resources
* Maintenance of access rights to the protected resources (authorization)
* Controlling the means of access to protected resources
* Logging of accesses to a protected system and protected resources (auditing)

RACF establishes security policies rather than just permission records. It can set permissions for file patterns, that is, set the permissions even for files that do not yet exist. Those permissions are then used for the file (or other object) created at a later time.
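A simplified model of the pattern-based policy described above, as an added example (not IBM's code and not RACF's actual matching algorithm). The data set names, user IDs, wildcard handling and the "longest literal prefix wins" rule are assumptions made for illustration.

```python
import re
from dataclasses import dataclass, field

# Data set access levels in ascending order of authority.
LEVELS = ["NONE", "EXECUTE", "READ", "UPDATE", "CONTROL", "ALTER"]

def compile_pattern(pattern):
    """Simplified wildcards: % = one character, * = rest of one qualifier,
    ** (as a whole qualifier) = zero or more qualifiers."""
    out = []
    for i, qual in enumerate(pattern.split(".")):
        if qual == "**":
            out.append(r"(?:\.[^.]+)*" if i else r"[^.]+(?:\.[^.]+)*")
            continue
        body = "".join("[^.]" if c == "%" else "[^.]*" if c == "*"
                       else re.escape(c) for c in qual)
        out.append((r"\." if i else "") + body)
    return re.compile("".join(out) + r"\Z")

@dataclass
class Profile:
    pattern: str
    uacc: str = "NONE"                            # universal (default) access
    permits: dict = field(default_factory=dict)   # user ID -> access level

    def __post_init__(self):
        self.regex = compile_pattern(self.pattern)
        literal = re.split(r"[%*]", self.pattern)[0]
        # Model's notion of "most specific": discrete first, then longest literal prefix.
        self.rank = (literal == self.pattern, len(literal))

def check(profiles, user, dataset, wanted):
    """Return (allowed, deciding_pattern); names matching no profile are denied here."""
    hits = [p for p in profiles if p.regex.match(dataset)]
    if not hits:
        return (False, None)
    best = max(hits, key=lambda p: p.rank)
    granted = best.permits.get(user, best.uacc)
    return (LEVELS.index(granted) >= LEVELS.index(wanted), best.pattern)

# Constructed policy: hypothetical data set names and user IDs.
POLICY = [
    Profile("PROD.PAYROLL.**", permits={"PAYCLERK": "READ"}),
    Profile("PROD.PAYROLL.Y%%%%.MASTER", permits={"PAYADMIN": "UPDATE"}),
]
```

The policy never names `PROD.PAYROLL.NEWRPT` or `PROD.PAYROLL.Y2031.MASTER`, yet `check` returns a decision for both, which is the difference from per-file permission records. The second case also shows the narrower pattern overriding the broad one, so a user permitted on `PROD.PAYROLL.**` can still be denied on a master file.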


Community

There is a long-established technical support community for RACF based around a LISTSERV operated out of the University of Georgia. The list is called RACF-L, which is described as "RACF Discussion List". The email address of the listserv is RACF-L@LISTSERV.UGA.EDU, and the list can also be viewed via a web portal at https://listserv.uga.edu/scripts/wa-UGA.exe .


Books

The first textbook published (first printing December 2007) aimed at giving security professionals an introduction to the concepts and conventions of how RACF is designed and administered was Mainframe Basics for Security Professionals: Getting Started with RACF by Ori Pomerantz, Barbara Vander Weele, Mark Nelson and Tim Hahn.


Evolution

RACF has continuously evolved to support such modern security features as digital certificates/public key infrastructure services, LDAP interfaces, and case-sensitive IDs/passwords. The latter is a reluctant concession to promote interoperability with other systems, such as Unix and Linux. The underlying zSeries (now IBM Z) hardware works closely with RACF. For example, digital certificates are protected within tamper-proof cryptographic processors. Major mainframe subsystems, especially Db2, use RACF to provide multi-level security (MLS). Its primary competitors have been ACF2 and TopSecret, both now produced by CA Technologies. [Jeffrey Yost, "The Origin and Early History of the Computer Security Software Products Industry," IEEE Annals of the History of Computing 37 no. 2 (2015): 46-5]


References


External links




RACF - An Overview