IBM OS/390 manual Direction, Facility, Directory, Data Security, Data Set

Page 60

DATASET

classes. The table is generated

by

 

execresoutingrce

serialization

protocol

that

allows

concurrent

 

the ICHERCDE macro once for each

 

class.

The RACFclassinstances

 

 

to

 

directly

access

and

change

 

the

 

descriptor

table

contains

both

the

IBM

providedsame

 

databaseclasses

while

maintaining

data

integrity

as

 

and

also

the

installation

defined

classes.

 

always.

Data

 

sharing

mode

 

requires

 

installation

of

 

CLAUTH

 

.

Seeclass

authority.

 

 

 

 

 

 

 

 

 

coupling

facility

 

hardware.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

command

direction

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

default

group

 

.

 

 

In

RACF,

the

group

specified

 

in

a

use

 

 

.

A

RRSF

function

that

allows

a

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

connect

 

group.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

profile that is the default current

 

 

user to issue a command

from

 

one

 

user

ID

and

 

direct

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

that

command

 

to

run

under

the

authority

of

DEFINEa differentrequest

.

 

The

issuing

of

the

RACROUTE

 

 

 

 

 

user ID

on

 

the

same

or

a

different

RRSF

nodemacro.

withBeforeREQUEST=DEFINE

specified.

Also,

using

a

 

 

a command can be directed from

one

user

IDRACF tocommand

to

add

or delete a resource profile

 

another,

a

user

ID

association must

be

definedcausesbetweenaDEFINE

request.

The

DEFINE

 

request

 

 

 

 

 

them

via

the

RACLINK

command.

 

 

 

 

 

 

 

 

replaces

the

RACDEF function.

 

 

 

 

 

 

 

 

 

 

 

 

command

interpreter

 

 

.

A

program

that

 

reads

theDFP .

 

See

Data

Facility

Product.

 

 

 

 

 

 

 

 

 

 

commands

that

you

type

in

and

then

executes

them.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

When

you

are

typing

commands

into

the

 

 

 

DFP

 

segment

 

.

 

 

The

portion

of

a

RACF

 

profile

 

 

 

 

 

computer,

 

you

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

are

actually

typing

input

to

the

command

 

 

containing

information

relating

to

the

users

and

 

 

 

interpreter.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

The

interpreter

then

decides

how

 

to

 

 

 

resources

that

are

managed

by the

data

facility

p

 

perform

the

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

(DFP).

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

commands that you have typed. The shell is an

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

example of a command interpreter. Synonymous with

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

command

language

interpreter. See

alsohell.

 

 

 

 

DIRAUTH

 

request

 

 

 

 

.

 

The

issuing

of

the

RACROUTE

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

macro with REQUEST=DIRAUTH specified. A

 

 

 

 

 

 

command

language

interpreter

 

 

 

.

 

Synonym

for

 

 

 

DIRAUTH

request

 

works

on

behalf

of

the

 

 

 

 

 

command

interpreter.

 

 

 

 

 

 

 

 

 

 

 

 

 

message-transmission

managers

 

to

ensure

that

the

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

receiver

of a message meets security-label

 

 

 

 

coupling

facility

.

The

hardware

element

that

providesauthorization

 

 

requirements.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

high-speed caching, list processing, and locking

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

functions

in

a

sysplex.

 

 

 

 

 

 

 

 

 

 

 

directed

 

command

 

 

 

 

.

 

A

RACF

command

that

is

issued

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

from a user ID on

an RRSF node. It runs in the RA

D

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

subsystem

address space on the same or a

differen

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

RRSF

 

node

under

the

authority

of

 

the

same

or a

 

Data

Facility

Product

(DFP)

 

 

 

 

 

 

 

 

 

 

 

 

 

different

 

user

ID.

A

directed

command

is

 

one

that

.

A

 

program

that

isolates

 

 

 

 

 

AT or ONLYAT. Seecommandlso direction

 

 

 

 

 

applications

from

storage

devices,

 

storage

 

specifies

 

 

 

 

 

 

 

 

and

 

automatic

command

direction.

 

 

 

 

 

 

 

 

 

 

 

management, and storage device hierarchy

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

management.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

directory .

(1) A type of file containing the names an

data

security .

 

The protection of data from

 

controlling

information

for other files or other direc

 

 

(2) A

 

construct

for

organizing

computer

files.

As

file

unauthorized

 

disclosure,

modification,

or

destruction,

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

whether

accidental

or

 

intentional.

 

 

 

 

 

 

are analogous to folders that hold information, a

 

 

 

 

 

 

 

 

 

directory

 

is analogous to a drawer that can hold a

data

security

monitor

(DSMON)

 

 

.

 

A

RACF

auditing

 

number

of

folders.

Directories

can

 

also

contain

 

 

 

 

 

 

subdirectories, which can contain subdirectories

of

 

tool

that

produces

reports

enabling

an

 

 

 

 

installation

 

to

file

that

contains

directory

entries.

No

t

verify

its

basic

system

integrity

and

 

 

 

own.

(3) A

 

data-security

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

controls.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

directory entries in the same directory can have t

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

same name. (4) A file that points to files and to ot

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

data

set

profile

.

 

A

profile

that

 

provides

RACF

 

directories.

 

(5) An

index used

by

 

a

control

program

t

 

 

 

locate

blocks of data that are stored in separate

protection for

one

or

 

more

data

sets.

The

 

information

 

in

set in

direct

access

storage.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

of

 

a

data

 

 

 

 

 

 

the profile can include the data-set profile

name,

profile

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

owner,

universal

access

authority,

 

access

list,

 

and

other

A

 

resource

 

profile

 

that

can

 

provide

 

data.

Seediscrete

profileandgeneric

profile.

 

 

 

 

discrete

profile

 

.

 

 

 

 

 

 

 

 

 

RACF protection for only a single resource. For

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

data

sharing

mode

 

.

An

operational

RACF

mode

 

 

example,

a

discrete

profile

can

protect only

a

singl

 

that

 

 

 

set

or

 

minidisk.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

data

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

is available when RACF is enabled for sysplex

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

communication.

 

Data

sharing

mode

uses

global

 

DSMON

 

 

.

 

Seedata

security

.monitor

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

40 OS/390 V2R4.0 Security Server (RACF) Planning: Installation and Migration

Page 59 Page 61
Image 60
Page 59 Page 61
Contents IBM Page IBM Fourth Edition, September IBMContents Racf ConsiderationsGet IndexPspi RacfPage IBM USAUSA Page Trademarks Page How to Use This About This BookWho Should Use This Book BookWhere to Find More Information OS/390 Security Server Racf Information , PackageSK2T-2180Server Racf Information , Package see OS/390 CollectionIBM Systems Center Publications Other Sources of Information SecurityRacf home RACF-L discussion list Sample codePublications FtpFTP Servers Page PresentedRACF Planning inInstallation OS/390 VersionPage Migration Planning Considerations MigrationInstallation Considerations Administration ConsiderationsCustomization Considerations PSPAuditing Considerations Application Development ConsiderationsGeneral User Considerations Data Areas OS/390 Security ServerPage Release Overview New and Enhanced SupportEnhancements to Support for OpenEdition Services UIDRun-Time Library Services Password History EnhancementsGID Gggg needsProgram ALLNew Fmid OW24966 Enhancements toEnable/Disable Changes AccessGuide OW26237 EnhancementsCallable Services New Callable ServicesRelease SYS1.SAMPLIBClass Descriptor Table CDT GIDUID Commands Command Language ReferenceNoclauth PermitParmlib Data Areas Exits ICHRFX03ICHRFX04 Macros MessagesNew Messages Changed MessagesDeleted Messages PanelsICHP241C ICHP242AICHH241C MemberPublications Library Changes to the Racf Publications LibraryOS/390 Security Server Data Areas This No longer Licensed Publication Its New FormPlanning Considerations Migration StrategyHardware Requirements Racf Migration and Planning for Racf 1.9.2GC23-3045Compatibility OpenEdition MVSProgram Control by System ID RELEASE=2.4 Keyword onPage Installation Considerations Racf Storage ConsiderationsVirtual Storage Racf Estimated Storage UsageHow System Programmers Guide ICBPage Customization Considerations Customer Additions to the Router Table and the CDTRACF/DB2 External Security Module Customization RACF/DB2Administration Guide Volume , SC26 For OS/390 Version InstallationExit Processing OS/390 Security Server Racf System Programmers. GuideAdministration Considerations Tmeadmin ClassPassword History Changes Server Racf Security Administrators. GuideEnhancements of Global Access Checking Racroute REQUEST=LISTAuditing Considerations SMF RecordsAuditors Guide SysidPage Application Development Considerations Programming InterfacesFastauth Changes Racroute IcheintyPage General User Considerations Security Server Racf General Users. GuidePage Update GlossaryMVS AuditDirection FacilityData DirectoryEntity GIDFile HFSPassword RequestNode UnitPosit ProcessPads UtilityClassification VerifyxFile System RootSyscall Target NodeTask Verification NameProfile SetsHow to Get Your Racf CD Cics TSO/EPage Index SeeSee alsoexits IRR@XACS 19 Ispf panels LsqaPlpa SMF80DTA See alsoRRSF router tableRaclist SmfidPage Readers Comments Wed Like to Hear from You IBM Readers Comments Wed Like to Hear from YouPage IBM
Related manuals
Manual 673 pages 53.75 Kb

OS/390 specifications

IBM OS/390, a versatile operating system, was a cornerstone in enterprise environments and played a pivotal role in mainframe computing. Released in the mid-1990s, OS/390 combined the strengths of IBM's MVS (Multiple Virtual Storage) with new features and enhancements, targeting scalability, reliability, and performance in demanding business applications.

One of the key features of OS/390 was its robust support for multiple users and processes. The system allowed thousands of concurrent users to access applications and data, ensuring high availability and minimizing downtime—a critical requirement for many large organizations. This scalability was supported through various enhancements in memory management and processor scheduling, enabling optimal resource allocation across diverse workloads.

OS/390 was known for its superior workload management capabilities. The Workload Manager (WLM) component allowed administrators to define service policies, specifying how system resources would be allocated according to the priority of tasks. This ensured that critical business processes received the necessary resources while less critical tasks were managed more flexibly.

Another significant characteristic of OS/390 was its commitment to security. The operating system provided comprehensive security features, including user authentication, data encryption, and auditing capabilities. This focus on security was vital for organizations handling sensitive data, ensuring compliance with regulations and safeguarding against unauthorized access.

OS/390 also supported advanced technologies that facilitated integration and development. The system included features like the IBM CICS (Customer Information Control System) for transaction processing and IMS (Information Management System) for database management. These technologies allowed organizations to build robust, high-performance applications tailored to specific business needs.

The ease of network integration was another strength of OS/390. With the advent of the Internet and global connectivity, OS/390 systems could easily interface with various network protocols, enabling businesses to operate in a connected world. This inclusion paved the way for many organizations to expand their capabilities and offer new services, driving digital transformation.

In conclusion, IBM OS/390 represented a significant advancement in mainframe technology, combining scalability, security, and robust workload management. Its rich feature set and support for critical enterprise applications solidified its role as a vital component of many organizations' IT infrastructures, ensuring they could meet their operational challenges head-on while supporting future growth. As technology continues to evolve, the legacy of OS/390 remains influential in the realm of computing.
Top Page Image Contents