IBM OS/390 manual Glossary, Update, Mvs, Audit, Group

Page 59

Glossary

A

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

automatic direction of application, andupdates

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

command

 

direction.

 

 

 

 

 

 

 

 

 

 

 

 

 

access .

 

The

ability

to

 

obtain

the

use

of

 

a

protected

.

An

RRSF

function

that

 

 

 

 

resource.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

automatic

 

direction

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

automatically directs commands, ICHEINTY and

 

 

access

authority .

An

authority

 

 

related

to

a

 

 

RACROUTE macros, and password-related updates to

 

 

 

 

request

for

remote

systems. Seeautomaticlso

 

 

 

 

a

type

of

access

 

to

protected

resources.

one

 

or

 

more

 

 

 

 

 

 

In

 

RACF,

the

 

 

 

 

 

 

 

 

 

 

 

 

 

 

access

 

authorities

 

are

NONE,

 

 

EXECUTE,

READ,

 

 

 

command direction, automatic password direction, and

 

 

 

 

 

 

 

 

automatic

direction

of

application.

updates

 

 

UPDATE,

CONTROL,

 

and ALTER.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

accessor

environment

element

(ACEE)

 

 

 

 

.

A

 

 

 

 

 

 

 

automatic

 

direction

of

application

updates

 

.

 

An

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

RRSF function that automatically directs ICHEINTY and

description

of

the

 

current

user,

including

 

 

 

 

user

 

ID,

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

current

 

connect

group,

user

attributes,

and

 

RACROUTE macros that update the RACF database to

 

 

group

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

authorities.

An

ACEE

 

is

constructed

during

 

 

 

one

 

or more remote systems. Profiles in the

 

 

 

user

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

identification

 

and

verification.

 

 

 

 

 

 

 

 

RRSFDATA class control which macros are

 

 

 

 

 

 

 

 

 

 

 

 

 

automatically directed, and to which nodes. See a

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

ACEE .

 

Seeaccessor

 

environment

 

 

element.

 

 

 

 

 

 

automatic direction, automatic command direction, and

 

 

 

 

 

 

 

 

 

 

 

 

 

automatic

password

direction.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

appropriate

privileges

 

 

.

 

In

the

 

OpenEdition

 

MVS

 

 

automatic

 

password

direction

 

 

.

An

extension

of

 

 

 

implementation,

superuser

authority.

A

trusted

 

 

 

 

 

 

 

or

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

privileged

attribute

is

an

attribute

 

 

 

 

 

password synchronization and automatic command

 

 

associated

 

with

a

 

 

 

 

 

 

 

 

 

 

 

 

 

 

started

procedure

 

address

space

and

with

 

direction that causes RACF to automatically change

 

 

any

 

 

process

 

 

 

 

 

 

 

 

 

 

 

 

 

 

associated

with

the

address

space.

 

 

 

 

 

password for a user ID on one or more remote no

 

 

 

 

 

after

 

the

password for that user ID is changed

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

AUDIT

request

.

 

The

issuing

of

 

the

RACROUTE

 

 

local

 

node.

Profiles

in

the

RRSFDATA

class

control

for

 

 

macro

 

 

 

users

and

nodes

passwords

are

automatically

with

REQUEST=AUDIT

specified.

An

AUDIT

 

 

 

 

which

 

request

 

is

 

 

 

Seepasswalsord

 

synchronization,

automatic

 

a

general-purpose

security-audit

request

 

 

 

directed.

 

 

that

can be

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

used

to

audit

a

specified

resource

 

name

 

 

command direction, automatic direction of application

 

 

and

 

action.

 

automatic

direction.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

updates,

and

 

 

 

 

 

 

AUTH

request

 

.

 

The

issuing

of

 

the

RACROUTE

macro

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

with

REQUEST=AUTH

specified.

 

The

primary

function

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

of

an

AUTH

request

is

to

check

a

user's

 

 

C

 

 

 

 

 

 

 

to

 

 

 

 

 

 

 

 

 

 

 

 

 

 

authorization

 

 

 

 

 

 

 

 

 

 

 

 

 

a

RACF-protected

resource

or

 

function.

 

The

 

AUTH

structure

 

.

A

coupling

facility

structure

that

request

replaces

the

RACHECK

function.

See

 

 

 

cache

 

 

also

 

 

 

 

data

accessed

by

systems

in

a

sysplex.

authorization

checking.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

contains

 

 

 

 

 

 

 

 

 

 

 

 

 

 

provides a way for multiple systems to determine t

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

authority

 

.

The

 

right

to

access

objects,

 

 

 

validity of copies of the cache structure data

 

 

resources,

or

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

local

 

storage.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

functions. Seeaccess authority, class authority,nd

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

group

authority.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

callable

 

service

 

.

In

OpenEdition

 

MVS,

a

request

by

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

authorization

checking

 

 

.

 

The

 

action

of

 

 

 

 

 

 

an active process for a service. Synonymous with

 

 

 

 

 

determining

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

syscall, system call.

 

 

 

 

 

 

 

 

 

 

 

 

 

whether a user is permitted access to a protected

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

resource.

RACF

performs

authorization

checking CDTas. a Seeclass

descriptor. table

 

 

 

 

 

 

result of a RACROUTE REQUEST=AUTH or

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

RACROUTE

 

REQUEST=FASTAUTH.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

class .

 

A

collection

of

RACF-defined entities (users,

automatic

command

direction

 

 

 

.

An

 

 

extension

of

 

 

 

groups, and resources) with similar characteristics.

that

 

 

 

 

 

class

 

names

are

USER,

 

GROUP,

DATASET,

and the

 

 

command

direction

causes

RACF

to

automatically

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

direct certain commands to one or

more

 

 

 

 

classes that are defined in the class descriptor

remote

nodes

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

after

running

the

commands

on

 

 

the

issuing

node.

 

 

authority

(CLAUTH) .

 

An

authority

enabling

a

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

class

 

 

 

 

Commands

can

be

automatically

 

directed

 

based

 

on

 

who

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

user

 

to define RACF profiles in a class defined

issued

the

command,

 

the

 

command

name,

or

the

 

profile

 

 

 

table.

A user can

have

class

aut

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

class

 

descriptor

class

related

 

to

the

command. Profiles

 

in

the

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

RRSFDATA

class

control

 

to

which

 

nodes

commands

 

to one or more classes.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

are automatically directedautomatic. See also

 

 

 

 

 

class

 

 

descriptor

table (CDT) .

 

A table consisting of an

password

direction, automatic

 

command

direction,

 

 

 

entry

 

for

each

class

except

the

USER,

GROUP,

and

Copyright

IBM

Corp.

1994,

1997

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

39

 

 

 

Page 58 Page 60
Image 59
Page 58 Page 60
Contents IBM Page IBM IBM Fourth Edition, SeptemberContents Index RacfConsiderations GetRacf PspiPage USA IBMUSA Page Trademarks Page Book How to Use ThisAbout This Book Who Should Use This BookOS/390 Collection Where to Find More InformationOS/390 Security Server Racf Information , PackageSK2T-2180 Server Racf Information , Package seeIBM Systems Center Publications Sample code Other Sources of InformationSecurity Racf home RACF-L discussion listFTP Servers PublicationsFtp Page OS/390 Version PresentedRACF Planning inInstallationPage Migration Migration Planning ConsiderationsPSP Installation ConsiderationsAdministration Considerations Customization ConsiderationsData Areas OS/390 Security Server Auditing ConsiderationsApplication Development Considerations General User ConsiderationsPage New and Enhanced Support Release OverviewUID Enhancements to Support for OpenEdition ServicesGggg needs Run-Time Library ServicesPassword History Enhancements GIDALL ProgramOW24966 Enhancements to New FmidOW26237 Enhancements Enable/Disable ChangesAccess GuideSYS1.SAMPLIB Callable ServicesNew Callable Services ReleaseUID Class Descriptor Table CDTGID Command Language Reference CommandsParmlib NoclauthPermit Data Areas ICHRFX04 ExitsICHRFX03 Changed Messages MacrosMessages New MessagesPanels Deleted MessagesMember ICHP241CICHP242A ICHH241CData Areas This No longer Licensed Publication Its New Form Publications LibraryChanges to the Racf Publications Library OS/390 Security ServerMigration Strategy Planning ConsiderationsRacf Migration and Planning for Racf 1.9.2GC23-3045 Hardware RequirementsRELEASE=2.4 Keyword on CompatibilityOpenEdition MVS Program Control by System IDPage Racf Estimated Storage Usage Installation ConsiderationsRacf Storage Considerations Virtual StorageHow ICB System Programmers GuidePage RACF/DB2 Customization ConsiderationsCustomer Additions to the Router Table and the CDT RACF/DB2 External Security Module CustomizationOS/390 Security Server Racf System Programmers. Guide Administration Guide Volume , SC26For OS/390 Version Installation Exit ProcessingServer Racf Security Administrators. Guide Administration ConsiderationsTmeadmin Class Password History ChangesRacroute REQUEST=LIST Enhancements of Global Access CheckingSysid Auditing ConsiderationsSMF Records Auditors GuidePage Racroute Icheinty Application Development ConsiderationsProgramming Interfaces Fastauth ChangesPage Security Server Racf General Users. Guide General User ConsiderationsPage Audit UpdateGlossary MVSDirectory DirectionFacility DataHFS EntityGID FileUnit PasswordRequest NodeUtility PositProcess PadsRoot ClassificationVerifyx File SystemTask SyscallTarget Node Sets VerificationName ProfileCics TSO/E How to Get Your Racf CDPage See IndexPlpa See alsoexits IRR@XACS 19 Ispf panelsLsqa Smfid SMF80DTASee alsoRRSF router table RaclistPage Readers Comments Wed Like to Hear from You Readers Comments Wed Like to Hear from You IBMPage IBM
Related manuals
Manual 673 pages 53.75 Kb

OS/390 specifications

IBM OS/390, a versatile operating system, was a cornerstone in enterprise environments and played a pivotal role in mainframe computing. Released in the mid-1990s, OS/390 combined the strengths of IBM's MVS (Multiple Virtual Storage) with new features and enhancements, targeting scalability, reliability, and performance in demanding business applications.

One of the key features of OS/390 was its robust support for multiple users and processes. The system allowed thousands of concurrent users to access applications and data, ensuring high availability and minimizing downtime—a critical requirement for many large organizations. This scalability was supported through various enhancements in memory management and processor scheduling, enabling optimal resource allocation across diverse workloads.

OS/390 was known for its superior workload management capabilities. The Workload Manager (WLM) component allowed administrators to define service policies, specifying how system resources would be allocated according to the priority of tasks. This ensured that critical business processes received the necessary resources while less critical tasks were managed more flexibly.

Another significant characteristic of OS/390 was its commitment to security. The operating system provided comprehensive security features, including user authentication, data encryption, and auditing capabilities. This focus on security was vital for organizations handling sensitive data, ensuring compliance with regulations and safeguarding against unauthorized access.

OS/390 also supported advanced technologies that facilitated integration and development. The system included features like the IBM CICS (Customer Information Control System) for transaction processing and IMS (Information Management System) for database management. These technologies allowed organizations to build robust, high-performance applications tailored to specific business needs.

The ease of network integration was another strength of OS/390. With the advent of the Internet and global connectivity, OS/390 systems could easily interface with various network protocols, enabling businesses to operate in a connected world. This inclusion paved the way for many organizations to expand their capabilities and offer new services, driving digital transformation.

In conclusion, IBM OS/390 represented a significant advancement in mainframe technology, combining scalability, security, and robust workload management. Its rich feature set and support for critical enterprise applications solidified its role as a vital component of many organizations' IT infrastructures, ensuring they could meet their operational challenges head-on while supporting future growth. As technology continues to evolve, the legacy of OS/390 remains influential in the realm of computing.
Top Page Image Contents