To help you select the products and services that you need to put a data security policy into effect, IBM has categorized these security functions. These functions are based on the International Organization for Standardization (ISO) standard 7498-2:

• Identification and authentication—identifies users to the system and provides proof that they are who they claim to be.
• Access control—determines which users can access which resources.
• Data confidentiality—protects an organization's sensitive data from being disclosed to unauthorized individuals.
• Data integrity—ensures that data is in its original and unaltered form.
• Security management—administers, controls, and reviews a business security policy.
• Nonrepudiation—assures that a message sender cannot deny later that he or she sent the message.

The z/OS Integrated Cryptographic Service Facility (ICSF) provides a cryptographic application programming interface that you can use along with your system's cryptographic feature to put these functions into effect in your data security policy.