IBM OS/390 manual Entity, Gid, File, Hfs, Pspi

Page 61

E

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

group

authority

 

.

 

An

authority

specifying

 

which

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

functions a user can perform in a group. The grou

entity .

A

user,

group,

 

or

resource

(for

 

authorities are USE, CREATE, CONNECT, and

 

JOIN.

 

 

 

 

 

example,

a

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

DASD

 

data

set) that

is

 

defined

to

RACF.

 

 

group

identifier

(GID) .

(1) In

OpenEdition

 

MVS,

a

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

EXTRACT

request

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

unique

 

number

assigned

to

a

group

of

related

 

user

 

 

.

The

issuing

of

 

the

RACROUTE The

GID

 

can

often

be

substituted

in

 

commands

 

that

macro

with

REQUEST=EXTRACT

 

specified.

An

 

 

 

 

take a group name as an

argument.

(2) A

 

 

 

 

 

 

EXTRACT request retrieves or replaces certainnon-negative integer,

which

can

be

contained

in

 

an

 

specified

fields

from

 

a

RACF

profile

or

 

encodes certain

 

 

 

is used

to

 

identify

a

group

clear-text (readable)

data.

The

EXTRACT

 

 

 

object

of

gidtypet,hat

 

request

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

replaces

the

 

RACXTRT

function.

 

 

 

 

 

 

 

 

 

system users. Each system user is a member of a

 

 

 

 

 

 

 

 

 

 

least one group. When the identity of a group is

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

F

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

associated

with

 

a

process, a group ID value

is

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

to

 

as

 

a

 

real group

ID,

an

effective

group

 

ID,

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

(optional)

 

supplementary

group

IDs,

or

an (optional)

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

FASTAUTH

request

 

 

.

 

The

issuing

 

of

the

 

 

 

 

saved set-group-ID.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

RACROUTE

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

macro

with

REQUEST=FASTAUTH

specified.

The

 

 

 

group

profile

 

 

.

 

A

profile

that

defines

 

a

group.

The

primary

function

of

a

FASTAUTH

 

request

is

 

to

a

 

 

 

 

check

 

 

 

 

 

 

 

 

 

 

 

 

the

group

name,

user's

authorization

to

 

a

RACF-protected

 

 

 

information in the profile includes

 

 

resource or

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

profile owner, and users in the group.

 

 

 

 

 

 

function. A FASTAUTH request uses only in-storage

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

profiles

for

 

faster

performance.

The

FASTAUTH

request

 

 

 

 

 

 

programming

interface.

 

 

 

 

 

replaces the FRACHECK function. See also

 

 

 

GUPI

 

.

 

Seegeneral-use

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

authorization

 

checking.

 

 

 

 

 

 

 

 

 

 

 

 

H

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

G

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

HFS

 

.

Seehierarchical

file. system

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

general

 

resource

 

.

Any

system

resource,

other

than

an

file

system

 

(HFS) .

Information

is

 

 

 

 

 

 

MVS

data

set,

that

is

 

defined

in

the

 

 

 

hierarchical

 

 

 

 

 

 

 

 

 

 

class

descriptor

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

table

(CDT).

General

resources

 

are

DASD

 

 

 

organized in a tree-like structure of directories.

 

 

volumes,

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

directories.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

directory can contain files or other

tape volumes, load modules, terminals, IMS and CICS

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

transactions,

and

installation-defined

resource

classes.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

general

 

resource

profile

 

 

.

A

 

profile

that

 

 

 

 

I

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

provides

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

RACF

protection

for

one

 

or

more

general

resources.

Seeinventory

 

control

.block

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

ICB .

 

 

 

 

 

 

 

 

 

 

 

 

The information in the profile can include the general

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

resource

profile

 

name,

 

profile

 

owner,

universal

access

 

block

(ICB)

.

The

first

block

in

a

 

 

authority,

access

list,

and

other

data.

 

inventory

 

control

 

 

 

RACF

database.

The

ICB

contains

a

general

descript

general-use programming interface (GUPI)

 

 

 

 

.

An

 

 

 

 

of

the

 

database.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

interface that IBM makes available for use in

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

customer-written programs with few restrictionsK

and

that

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

does

not

require

knowledge

of

 

the

detailed

design

 

or

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

kernel

.

 

 

(1) In

OpenEdition

 

MVS, the

part

of

an

 

 

implementation of the IBM software product. See also

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

product-sensitive

programming

interface.

(PSPI)

operating

 

system

 

that contains

programs

for

 

such

ta

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

as

I/O,

 

management,

and control of hardware and th

generic

 

profile

 

.

 

A

resource

profile

that

can

provischedeuling

of

user

tasks.

(2) The

 

part

 

of

the

sys

RACF protection for one or more resources. Thethat is an interface with

the

hardware

and

 

provi

resources

protected by a generic profile

serviceshavesimilarfor other

system

layers

such

as

system

names

and

identical security requirements. Forfile system support,

and

device

drivers.

(3) The

p

example,

a

generic data-set profile can protectanoperatingone or system

that performs basic functions s

more

 

data

sets.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

as

allocating

hardware

resources.

(4) A

program

that

GID .

 

Seegroup

 

identifier.

 

 

 

 

 

 

 

 

 

 

can

run

 

under

different

operating

system

environments

 

 

 

 

 

 

 

 

 

 

 

 

See

alsoshell. (5) A

part

of

 

a

program

that

must

 

be

group

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

central storage in order to load other parts of

 

.

 

A

collection

of

 

RACF-defined users

who

can

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

program.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

share

access

authorities

for

protected

 

resources.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Glossary 41

Page 60 Page 62
Image 61
Page 60 Page 62
Contents IBM Page IBM IBM Fourth Edition, SeptemberContents Considerations RacfGet IndexRacf PspiPage USA IBMUSA Page Trademarks Page About This Book How to Use ThisWho Should Use This Book BookOS/390 Security Server Racf Information , PackageSK2T-2180 Where to Find More InformationServer Racf Information , Package see OS/390 CollectionIBM Systems Center Publications Security Other Sources of InformationRacf home RACF-L discussion list Sample codeFtp PublicationsFTP Servers Page OS/390 Version PresentedRACF Planning inInstallationPage Migration Migration Planning ConsiderationsAdministration Considerations Installation ConsiderationsCustomization Considerations PSPApplication Development Considerations Auditing ConsiderationsGeneral User Considerations Data Areas OS/390 Security ServerPage New and Enhanced Support Release OverviewUID Enhancements to Support for OpenEdition ServicesPassword History Enhancements Run-Time Library ServicesGID Gggg needsALL ProgramOW24966 Enhancements to New FmidAccess Enable/Disable ChangesGuide OW26237 EnhancementsNew Callable Services Callable ServicesRelease SYS1.SAMPLIBGID Class Descriptor Table CDTUID Command Language Reference CommandsPermit NoclauthParmlib Data Areas ICHRFX03 ExitsICHRFX04 Messages MacrosNew Messages Changed MessagesPanels Deleted MessagesICHP242A ICHP241CICHH241C MemberChanges to the Racf Publications Library Publications LibraryOS/390 Security Server Data Areas This No longer Licensed Publication Its New FormMigration Strategy Planning ConsiderationsRacf Migration and Planning for Racf 1.9.2GC23-3045 Hardware RequirementsOpenEdition MVS CompatibilityProgram Control by System ID RELEASE=2.4 Keyword onPage Racf Storage Considerations Installation ConsiderationsVirtual Storage Racf Estimated Storage UsageHow ICB System Programmers GuidePage Customer Additions to the Router Table and the CDT Customization ConsiderationsRACF/DB2 External Security Module Customization RACF/DB2For OS/390 Version Installation Administration Guide Volume , SC26Exit Processing OS/390 Security Server Racf System Programmers. GuideTmeadmin Class Administration ConsiderationsPassword History Changes Server Racf Security Administrators. GuideRacroute REQUEST=LIST Enhancements of Global Access CheckingSMF Records Auditing ConsiderationsAuditors Guide SysidPage Programming Interfaces Application Development ConsiderationsFastauth Changes Racroute IcheintyPage Security Server Racf General Users. Guide General User ConsiderationsPage Glossary UpdateMVS AuditFacility DirectionData DirectoryGID EntityFile HFSRequest PasswordNode UnitProcess PositPads UtilityVerifyx ClassificationFile System RootTarget Node SyscallTask Name VerificationProfile SetsCics TSO/E How to Get Your Racf CDPage See IndexLsqa See alsoexits IRR@XACS 19 Ispf panelsPlpa See alsoRRSF router table SMF80DTARaclist SmfidPage Readers Comments Wed Like to Hear from You Readers Comments Wed Like to Hear from You IBMPage IBM
Related manuals
Manual 673 pages 53.75 Kb

OS/390 specifications

IBM OS/390, a versatile operating system, was a cornerstone in enterprise environments and played a pivotal role in mainframe computing. Released in the mid-1990s, OS/390 combined the strengths of IBM's MVS (Multiple Virtual Storage) with new features and enhancements, targeting scalability, reliability, and performance in demanding business applications.

One of the key features of OS/390 was its robust support for multiple users and processes. The system allowed thousands of concurrent users to access applications and data, ensuring high availability and minimizing downtime—a critical requirement for many large organizations. This scalability was supported through various enhancements in memory management and processor scheduling, enabling optimal resource allocation across diverse workloads.

OS/390 was known for its superior workload management capabilities. The Workload Manager (WLM) component allowed administrators to define service policies, specifying how system resources would be allocated according to the priority of tasks. This ensured that critical business processes received the necessary resources while less critical tasks were managed more flexibly.

Another significant characteristic of OS/390 was its commitment to security. The operating system provided comprehensive security features, including user authentication, data encryption, and auditing capabilities. This focus on security was vital for organizations handling sensitive data, ensuring compliance with regulations and safeguarding against unauthorized access.

OS/390 also supported advanced technologies that facilitated integration and development. The system included features like the IBM CICS (Customer Information Control System) for transaction processing and IMS (Information Management System) for database management. These technologies allowed organizations to build robust, high-performance applications tailored to specific business needs.

The ease of network integration was another strength of OS/390. With the advent of the Internet and global connectivity, OS/390 systems could easily interface with various network protocols, enabling businesses to operate in a connected world. This inclusion paved the way for many organizations to expand their capabilities and offer new services, driving digital transformation.

In conclusion, IBM OS/390 represented a significant advancement in mainframe technology, combining scalability, security, and robust workload management. Its rich feature set and support for critical enterprise applications solidified its role as a vital component of many organizations' IT infrastructures, ensuring they could meet their operational challenges head-on while supporting future growth. As technology continues to evolve, the legacy of OS/390 remains influential in the realm of computing.
Top Page Image Contents