Previous topic |
Next topic |
Contents |
Glossary |
Contact z/OS |
PDF
What is IBM Security Server? Security on z/OS |
|
IBM® Security Server is a set of features in z/OS® that provide security. Security Server provisions include:
Many installations use a package called Security Server, which is commonly referred to by the name of its most well-known component, RACF®. Resource Access Control Facility (RACF) is a component of Security Server. It controls access to all protected z/OS resources. RACF protects resources by granting access only to authorized users of the protected resources and retains information about the users, resources, and access authorities in specific profiles. The following is a list of the security components of z/OS that are collectively known as Security Server:
This server provides a fully functional OSF DCE 1.1 level security server that runs on z/OS.
This server is based on a client/server model that provides client access to an LDAP server. An LDAP directory provides an easy way to maintain directory information in a central location for storage, update, retrieval, and exchange.
This is an IPV4 network security firewall program for z/OS. In essence, the z/OS firewall consists of traditional firewall functions as well as support for virtual private networks. The inclusion of a firewall means that the mainframe can be connected directly to the Internet if required without any intervening hardware and can provide the required levels of security to protect vital company data. With the VPN technology, securely encrypted tunnels can be established through the Internet from a client to the mainframe.
This provides Kerberos security services without requiring that you purchase or use a middleware product such as Distributed Computing Environment (DCE).
This offers a new approach to enable inexpensive solutions to easily manage multiple user registries and user identities in an enterprise.
This allows you to establish a public key infrastructure and serve as a certificate authority for your internal and external users, issuing and administering digital certificates in accordance with your own organization's policies.
This is the primary component of the Security Server; it works closely with z/OS to protect vital resources. The topic of security can be a whole course by itself. In this section, we introduce you to the RACF component and show how its features are used to implement z/OS security. |
Copyright IBM Corporation 1990, 2010
|