DOCSLIB.ORG

Security Server RACF System Programmer's Guide

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Security Server RACF System Programmer's Guide z/OS Version 2 Release 3 Security Server RACF System Programmer's Guide IBM SA23-2287-30 Note Before using this information and the product it supports, read the information in “Notices” on page 365. This edition applies to Version 2 Release 3 of z/OS (5650-ZOS) and to all subsequent releases and modifications until otherwise indicated in new editions. Last updated: 2019-02-16 © Copyright International Business Machines Corporation 1994, 2018. US Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. Contents List of Figures....................................................................................................... xi List of Tables.......................................................................................................xiii About this document............................................................................................xv Intended audience..................................................................................................................................... xv Where to find more information................................................................................................................. xv RACF courses........................................................................................................................................ xv Other sources of information.................................................................................................................... xvi Internet sources...................................................................................................................................xvi How to send your comments to IBM.................................................................... xvii If you have a technical problem............................................................................................................... xvii Summary of changes......................................................................................... xviii Summary of changes for z/OS Version 2 Release 3 (V2R3)................................................................... xviii Summary of changes for z/OS Version 2 Release 2 (V2R2) as updated December 2016.....................xviii Summary of changes for z/OS Version 2 Release 2 (V2R2)..................................................................... xix z/OS Version 2 Release 1 summary of changes........................................................................................ xx Chapter 1. Security and the RACF database............................................................1 Data processing security..............................................................................................................................1 How RACF meets security needs.................................................................................................................1 Identifying and verifying users...............................................................................................................1 Authorizing users to access resources.................................................................................................. 1 Controlling access to resources............................................................................................................. 1 Logging and reporting.............................................................................................................................2 Administering security............................................................................................................................2 Basic RACF concepts................................................................................................................................... 2 RACF and the operating system.................................................................................................................. 2 The RACF database......................................................................................................................................3 Database templates............................................................................................................................... 4 Multiple data set support....................................................................................................................... 6 Backup RACF database.......................................................................................................................... 6 Shared RACF databases......................................................................................................................... 7 Sharing RACF data without sharing a database.....................................................................................9 Creating a RACF database....................................................................................................................10 Finding a location for the RACF database............................................................................................10 Copying your database.........................................................................................................................11 Using DFSMSdss DEFRAG.................................................................................................................... 12 DFSMS enhanced data integrity (EDI)................................................................................................. 12 Monitoring the usable space in your RACF database..........................................................................12 Chapter 2. Performance considerations................................................................15 The RACF database....................................................................................................................................15 Selection of control unit and device.................................................................................................... 15 Shared RACF database.........................................................................................................................15 Multiple data sets.................................................................................................................................16 Database housekeeping.......................................................................................................................16 Creating backup RACF databases........................................................................................................16 Resident data blocks................................................................................................................................. 17 RVARY SWITCH command................................................................................................................... 18 Auditing...................................................................................................................................................... 18 iii Operands requiring the AUDITOR attribute.........................................................................................18 RACF commands........................................................................................................................................19 RACF utility programs................................................................................................................................ 20 BLKUPD.................................................................................................................................................20 IRRUT200............................................................................................................................................. 20 Failsoft processing..................................................................................................................................... 20 Protecting data during its life cycle........................................................................................................... 21 Encryption of data at rest.....................................................................................................................21 Erase-on-scratch..................................................................................................................................22 Installation-written exit routines.............................................................................................................. 22 Using global access checking.................................................................................................................... 23 The SETROPTS command..........................................................................................................................23 Using SETROPTS RACLIST and SETROPTS GENLIST..........................................................................23 Using SETROPTS INITSTATS and SETROPTS STATISTICS..................................................................29 Identification, verification, and authorization of user IDs........................................................................ 31 User identification and verification......................................................................................................31 RACROUTE REQUEST=AUTH processing............................................................................................ 32 RACROUTE REQUEST=FASTAUTH processing...................................................................................
Load more

Recommended publications
  • SMART: Making DB2 (More) Autonomic
    SMART: Making DB2 (More) Autonomic Guy M. Lohman Sam S. Lightstone IBM Almaden Research Center IBM Toronto Software Lab K55/B1, 650 Harry Rd. 8200 Warden Ave. San Jose, CA 95120-6099 Markham, L6G 1C7 Ontario U.S.A. Canada [email protected] [email protected] Abstract The database community has already made many significant contributions toward autonomic systems. IBM’s SMART (Self-Managing And Resource Separating the logical schema from the physical schema, Tuning) project aims to make DB2 self- permitting different views of the same data by different managing, i.e. autonomic, to decrease the total applications, and the entire relational model of data, all cost of ownership and penetrate new markets. simplified the task of building new database applications. Over several releases, increasingly sophisticated Declarative query languages such as SQL, and the query SMART features will ease administrative tasks optimizers that made them possible, further aided such as initial deployment, database design, developers. But with the exception of early research in system maintenance, problem determination, and the late 1970s and early 1980s on database design ensuring system availability and recovery. algorithms, little has been done to help the beleaguered database administrator (DBA) until quite recently, with 1. Motivation for Autonomic Databases the founding of the AutoAdmin project at Microsoft [http://www.research.microsoft.com/dmx/autoadmin/] and While Moore’s Law and competition decrease the per-unit the SMART project at IBM, described herein. cost of hardware and software, the shortage of skilled professionals that can comprehend the growing complexity of information technology (IT) systems 2.
    [Show full text]
  • Minutes of the January 25, 2010, Meeting of the Board of Regents
    MINUTES OF THE JANUARY 25, 2010, MEETING OF THE BOARD OF REGENTS ATTENDANCE This scheduled meeting of the Board of Regents was held on Monday, January 25, 2010, in the Regents’ Room of the Smithsonian Institution Castle. The meeting included morning, afternoon, and executive sessions. Board Chair Patricia Q. Stonesifer called the meeting to order at 8:31 a.m. Also present were: The Chief Justice 1 Sam Johnson 4 John W. McCarter Jr. Christopher J. Dodd Shirley Ann Jackson David M. Rubenstein France Córdova 2 Robert P. Kogod Roger W. Sant Phillip Frost 3 Doris Matsui Alan G. Spoon 1 Paul Neely, Smithsonian National Board Chair David Silfen, Regents’ Investment Committee Chair 2 Vice President Joseph R. Biden, Senators Thad Cochran and Patrick J. Leahy, and Representative Xavier Becerra were unable to attend the meeting. Also present were: G. Wayne Clough, Secretary John Yahner, Speechwriter to the Secretary Patricia L. Bartlett, Chief of Staff to the Jeffrey P. Minear, Counselor to the Chief Justice Secretary T.A. Hawks, Assistant to Senator Cochran Amy Chen, Chief Investment Officer Colin McGinnis, Assistant to Senator Dodd Virginia B. Clark, Director of External Affairs Kevin McDonald, Assistant to Senator Leahy Barbara Feininger, Senior Writer‐Editor for the Melody Gonzales, Assistant to Congressman Office of the Regents Becerra Grace L. Jaeger, Program Officer for the Office David Heil, Assistant to Congressman Johnson of the Regents Julie Eddy, Assistant to Congresswoman Matsui Richard Kurin, Under Secretary for History, Francisco Dallmeier, Head of the National Art, and Culture Zoological Park’s Center for Conservation John K.
    [Show full text]
  • Onsite Program
    2015 ASAP Global Alliance Summit Collaboration at the Core: Forging the Future of Partnering Onsite Program March 2 – 5, 2015 Orlando, Florida Hyatt Regency Orlando www.strategic-alliances.org/summit +1-774-256-1401 Platinum Sponsor Gold Sponsor Silver Sponsors Table of Contents Welcome to the 2015 ASAP Global Alliance Summit . .3 ASAP Executive Committee & Management Board & ASAP Program Committee . .4 Social Media Outlets & ASAP Global Staff . .5 Conference Agenda . .6 ASAP Global Members & Corporate Members . .11 Summit Sponsor Recognition . .12 ASAP Executive, Management & Advisory Board of Directors . .13 Overview of Sessions . .14 Alliance Excellence Awards Finalists . .16 Pre-Conference Professional Development Workshops . .18 Monday Session Descriptions . .21 Tuesday Session Descriptions . .22 Wednesday Session Descriptions . .27 Alliance Management Resource Center . .34 Conference Speakers . .36 2015 ASAP BioPharma Conference Call For Topics . .51 Floor Plan . .53 2 Stay up to date at www.strategic-alliances.org I March 2 – 5, 2015 I Orlando, Florida USA Welcome to the 2015 ASAP Global Alliance Summit On behalf of the Board of Directors and staff of the Association of Strategic Alliance Professionals, welcome to our 2015 Global Alliance Summit. We invite you to take the next three days to learn, engage, and experience the best the profession has to offer! We invite you to fully participate in this highly interactive experience where the learning comes as much from those assembled as from the many top-flight speakers and discussion leaders. Connect with your peers, partners, and industry executives to learn how others are confronting the challenges of our ever-changing business environment and forging the future of partnering.
    [Show full text]
  • The X-Internet Invigorates Supply Chain Collaboration
    AnalystAnalyst OutlookOutlook COLLABORATION5 http://radjou.ASCET.com Navi Radjou The X-Internet Invigorates Forrester Research Supply Chain Collaboration The X-Internet – an executable and extended Internet built from Rapid responses to unforeseen events. Web- post-Web technologies – will transform online collaboration based B2B apps like e-procurement rely on a between supply chain partners. rule-based workflow engine to automate rou- tine transactions between partners. But they’re not designed to let firms actively find Global firms pin big hopes on the Internet’s the world has changed: Empowered customers unplanned events like delayed parts or a capabilities to connect them with customers are more fickle and competitors challenge suc- looming equipment failure in a contractor’s and suppliers. For example, 84 percent of busi- cessful new products more quickly. Firms have plant, let alone resolve them in real time. To nesses surveyed by NAPM/Forrester in come to rely more on partners to improve their provide preemptive customer support and October 2001 view the Internet as a critical ele- supply net performance and customer service. continually optimize asset usage, firms need ment of their purchasing strategy. Many firms To meet the new realities of B2B collaboration, to sense and respond to unforeseen events are stepping up investments in business appli- business apps need to support: without human intervention. cations (apps) that promise to move their Rich, real-time collaboration. Web- offline supply chain transactions to the Web. anchored supply chain apps like those from The X-Internet Reshapes But so far, these Web-centric B2B apps have Manugistics Group can’t rapidly reflect Supply Chain Collaboration failed to deliver the promised benefits because changes in partners’ production schedules Since its birth 30 years ago, the Internet has they are undependable and sluggish.
    [Show full text]
  • The Complete IMS HALDB Guide All You Need to Know to Manage Haldbs
    Front cover The Complete IMS HALDB Guide All You Need to Know to Manage HALDBs Examine how to migrate databases to HALDB Explore the benefits of using HALDB Learn how to administer and modify HALDBs Jouko Jäntti Cornelia Hallmen Raymond Keung Rich Lewis ibm.com/redbooks International Technical Support Organization The Complete IMS HALDB Guide All You Need to Know to Manage HALDBs June 2003 SG24-6945-00 Note: Before using this information and the product it supports, read the information in “Notices” on page xi. First Edition (June 2003) This edition applies to IMS Version 7 (program number 5655-B01) and IMS Version 8 (program number 5655-C56) or later for use with the OS/390 or z/OS operating system. © Copyright International Business Machines Corporation 2003. All rights reserved. Note to U.S. Government Users Restricted Rights -- Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. Contents Notices . .xi Trademarks . xii Preface . xiii The team that wrote this redbook. xiii Become a published author . xiv Comments welcome. xv Part 1. HALDB overview . 1 Chapter 1. HALDB introduction and structure . 3 1.1 An introduction to High Availability Large Databases . 4 1.2 Features and benefits . 5 1.3 Candidates for HALDB . 6 1.4 HALDB definition process . 7 1.4.1 Database Recovery Control (DBRC) . 9 1.5 DL/I processing . 9 1.6 Logical relationships with HALDB . 10 1.7 Partition selection . 10 1.7.1 Partition selection using key ranges . 10 1.7.2 Partition selection using a partition selection exit routine .
    [Show full text]
  • Digital Media Academy Program Guide VANCOUVER.DIGITALMEDIAACADEMY.ORG TTAEBCLHE OCFACMOPNSTENTS
    IMPACTFUL LEARNING For 20 years, Digital Media Academy has been providing cutting-edge technology education in Silicon Valley and at the most prestigious universities in North America. Digital Media Academy also develops and delivers technology education to teachers around the world. Digital Media Academy Program Guide VANCOUVER.DIGITALMEDIAACADEMY.ORG TTAEBCLHE OCFACMOPNSTENTS Digital Media Academy Overview L ATborutaDnigitsal fMoedriamAcaidnemgy---------------------3 o r OSurtGulobdal Neentwotrks----i--n----t--o------------------- 26 e CLorpiofreatelSoocnialgResCponrseibilaity t--o----r---s------- 27 Register Now ---------------------------------------- 28 TSetucdheCntasmdepvselop competencies to innovate and invent by harnessing the AcbroeuattTiveechpoCtaemnptisal--o--f-t-e--c--h--n--o--l-o--g-y--.----------- 4 Methodology -------------------------------------- 5 Students learn to use screen-time Pmaertanneirnsg-f-u--ll-y--.-I-n--s-t-e--a--d--o--f--b-e--i-n--g--c--o-n--s--u-m---e--rs6of ImtecphancotfluolgBye, nsteufidtsen-t-s---le--a--r-n--t-o--b--e--c-o--m--e------7 producers of technology as problem-solvers, makers, creators, and designers. Pathways Our instructors guide students through an Caodmaputitveer Sprcoiejencte-b+aAsIe-d---c-u--r-r-i-c--u-l-u--m---.--------- 8 CSrteuadtievnetDsensaigvnig-a--t-e--c--h--a-l-l-e--n--g-e--s---b--a-s--e--d---o-n--- 10 real-world problems and work together to Digital Storytelling ---------------------------------- develop creative solutions. 12 Game Design ------------------------------------------- 14 Music Production ----------------------------------- 16 Robotics + Engineering --------------------------- 18 Social Media + Content Creation --------------- 20 Entrepreneurship and Business Ideation ----- 22 VANCOUVER.DIGITALMEDIAACADEMY.ORG ABOUT US Established in 2002 in Silicon Valley on the campus of Stanford University. Delivered cutting-edge technology education to 500,000+ students.
    [Show full text]
  • IBM Centers for Advanced Studies : CASCON
    Country/region [ select ] Home Business solutions IT services Products Support & downloads My IBM CAS Worldwide Homepage Overview Technology Showcase Technical Papers Workshops Schedule at a Glance Speakers by Day CASCON technology showcase CASCON technical papers An amazing range of technology innovations as The technical papers program features experience well as a showcase of research results. Come to reports and original research papers. Best Paper browse the displays and talk to developers and and Best Student Paper awards will be presented Registration is now closed. CASCON 2009 will take place researchers from industry and academia. at Tuesday morning's keynote session. on November 2-5. Learn more Learn more CASCON 2008 Highlights Highlights and video on CASCON speakers ITWorldCanada CASCON workshops Keynote and Frontiers of Software Practice More info From hands-on learning to tutorials to panel presentations by innovators and thought-leaders discussions, CASCON workshops give you a great on topics of world-changing impact. Don't miss Read the highlights article opportunity to acquire new skills and participate in them! View (28kb) lively discussions. Learn more Get Adobe® Reader® Learn more Navigation and resources CASCON 2008 Resources Related links CASCON events CASCON 2008 Videos Registration & sign-in Hotel information IBM University Relations CASCONcamp demo camp Watch full-length videos from Full papers Sponsors Programming Contest High school competition the conference CASCON 2008 Program Contacts Central Click here Committee
    [Show full text]
  • Praise for DB2 10.1/10.5 for Linux, Unix, and Windows Database Administration: Certification Study Guide
    Praise for DB2 10.1/10.5 for Linux, UNIX, and Windows Database Administration: Certification Study Guide This book is far more than a typical certification and study guide.The authors go out of their way to ensure the various topics tested in the certification exam are not simply covered, but rather well understood by the reader. That is to say this book serves as an excellent guide to understanding DB2’s various features and functionalities, and more importantly, under what circumstances they should be used. Hamdi Roumani DB2 Developer IBM Toronto Software Lab Mohan and Kent’s updates have taken what was already a great book to a new level. In the book, you’ll find all you need to know about most new features in V10.1/10.5. There is also additional information on V9.x functionality that will help new and experienced DBAs alike. I particularly enjoyed the sample questions, which are cleverly designed to make the reader think and have detailed explanations behind the correct and incorrect answers. Colin A. Chapman DB2 DBA Lead IBM UK This book is a terrific piece of work. I’ve worked with many DBAs over the years, and Mohan/ Kent are the best—here, they have distilled years of DBA experience into a comprehensive tome that goes beyond passing certification exams. Whether you are a new DBA, an experienced DBA looking at DB2, or an experienced DBA needing to deepen or extend your skills, this book is for you. Simon Woodcock Data Warehouse Consultant IBM Information Management This book isn’t just a valuable study guide, but also an excellent reference that you will likely refer to frequently.
    [Show full text]
  • Analyzing Analytics
    Analyzing Analytics Rajesh Bordawekar Bob Blainey Chidanand Apte IBM Watson Research Center IBM Toronto Software Lab IBM Watson Research Center 1101 Kitchawan Road 8200 Warden Avenue 1101 Kitchawan Road Yorktown Heights, NY 10598 Markham, Ontario L6G 1C7 Yorktown Heights, NY 10598 [email protected] [email protected] [email protected] ABSTRACT tised discounts and table availability for that night; Many organizations today are faced with the challenge but finding and organizing all that information in of processing and distilling information from huge and a short period of time is very challenging. Similar growing collections of data. Such organizations are in- opportunities exist for businesses and governments, creasingly deploying sophisticated mathematical algo- but the volume, variety and velocity of data can rithms to model the behavior of their business processes be far greater. This process of identifying, extract- to discover correlations in the data, to predict trends and ing, processing, and integrating information from ultimately drive decisions to optimize their operations. raw data, and then applying it to solve a problem These techniques, are known collectively as analytics, is broadly referred to as analytics. and draw upon multiple disciplines, including statistics, Table 1 presents a sample of analytic applications quantitative analysis, data mining, and machine learn- from different domains, along with their functional ing. characteristics. As this table illustrates, many ser- In this survey paper, we identify some of the key tech- vices that we take for granted and use extensively niques employed in analytics both to serve as an intro- in everyday life would not be possible without an- duction for the non-specialist and to explore the oppor- alytics.
    [Show full text]
  • IBM Research Report Analyzing Analytics Rajesh Bordawekar1, Bob
    RC25317 (WAT1209-067) September 22, 2012 Mathematics IBM Research Report Analyzing Analytics Rajesh Bordawekar1, Bob Blainey2, Chidanand Apte1 1IBM Research Division Thomas J. Watson Research Center P.O. Box 208 Yorktown Heights, NY 10598 USA 2IBM Toronto Software Lab 8200 Warden Avenue Markham, Ontario L6G 1C7 Canada Research Division Almaden - Austin - Beijing - Cambridge - Haifa - India - T. J. Watson - Tokyo - Zurich Analyzing Analytics Rajesh Bordawekar Bob Blainey Chidanand Apte IBM Watson Research Center IBM Toronto Software Lab IBM Watson Research Center 19 Skyline Drive 8200 Warden Avenue 1101 Kitchawan Road Hawthorne, NY 10532 Markham, Ontario L6G 1C7 Yorktown Heights, NY 10598 [email protected] [email protected] [email protected] 1 Math iscoolagain More and more organizations are run around the clock, across mul- tiple geographies and time zones and those organizations are being From streaming news updates on smart-phones, to instant messages instrumented to an unprecedented degree. This has resulted in a on micro-blogging sites, to posts on social network sites, we are all deluge of data that can be studied to harvest valuable information being overwhelmed by massive amounts of data [33, 27]. Access and make better decisions. In many cases, these large volumes of to such a large amount of diverse data can be of tremendous value data must be processed rapidly in order to make timely decisions. if useful information can be extracted and applied rapidly and ac- Consequently, many organizations have employed analytics to help curately to a problem at hand. For instance, we could contact all them decide what kind of data they should collect, how this data of our nearby friends for a dinner at a local mutually agreeable should be analyzed to glean key information, and how this infor- and well-reviewed restaurant that has advertised discounts and ta- mation should be used for achieving their organizational goals.
    [Show full text]
  • 2017 Annual Report
    Let’s put IBM2017 Annual Report smart to work. 2017 Annual Report Dear IBM Investor: The businesses of the world are changing the way they work. We have prepared your company for this moment. During the past five years, propelled by our belief that the phenomenon of data would reorder technology and business, we have undertaken one of the most ambitious reinventions in IBM’s modern history. This phase is largely complete. IBM is now a cognitive solutions and cloud platform company. IBM now possesses capabilities that are unmatched in our industry to address our clients’ most pressing needs. In my letter to you this year, I will describe our performance in 2017, which reflects the progress we have made in building these capabilities. And I will explain why we believe this moment marks an inflection point, not just for our company, but for business and society at large. 2 The substantial progress we made last year In addition, our Technology Services and Cloud Platform team is working with clients worldwide to integrate public, private We achieved operating earnings per share of $13.80, up and managed cloud environments through a single architecture. 2 percent. Our revenue for the year was $79.1 billion, with operating pre-tax income of $13.9 billion. In the fourth quarter, IBM is the clear leader in quantum computing. The world’s first we grew revenue 4 percent, 1 percent adjusted for the effects (and only) prototype 50-qubit system, announced in 2017, was of currency (as are all other revenue numbers in this letter).
    [Show full text]
  • Mass Deployment of DB2 Universal Database Version 8.2 on Microsoft Windows Operating Systems
    Mass deployment of DB2 Universal Database Version 8.2 on Microsoft Windows operating systems Mass deployment of DB2 Universal Database Version 8.2 on Microsoft Windows operating systems ii Mass deployment of DB2 Universal Database Version 8.2 on Microsoft Windows operating systems Contents Authors . .v Deploying DB2 UDB products using Microsoft Systems Management Server (SMS) 2003 . .20 Chapter 1. Introduction . .1 Packaging DB2 UDB using SMS . .20 Distributing DB2 UDB using SMS . .25 Deploying DB2 UDB products using Tivoli Software Chapter 2. DB2 UDB Version 8.2 product Distribution 4.2 . .32 overview . .3 DB2 UDB software package creation options . .32 DB2 clients . .3 Creating software packages for installation using DB2 UDB servers and database engines . .4 the Software Package Editor . .33 DB2 UDB developer’s editions . .4 Creating a DB2 UDB software package using the DB2 UDB features . .5 Package Definition File Importer tool . .47 Deploying DB2 UDB product FixPaks . .48 Chapter 3. DB2 UDB product unattended installation capabilities . .7 Chapter 6. Diagnosing problems with DB2 UDB product response files . .7 distributed installations . .51 Creating a response file. .7 Troubleshooting silent installations . .51 Creating a DB2 configuration profile . .9 Locating the installation log files . .51 Recording tracing information . .51 Chapter 4. Reducing the size of the Reading the log files . .51 DB2 UDB product installation image . .11 Determining installation success or failure . .53 How the db2iprune utility works . .11 Response file errors. .54 Pruning a DB2 UDB product installation image . .12 The WiLogUtl.exe file tool . .55 Chapter 5. Deployment of DB2 UDB Chapter 7. Notices . .57 products .
    [Show full text]