IBM GC28-1920-01 Auditing Considerations, Operational Considerations, General User Considerations

Page 27

Auditing Considerations

Auditing Considerations

Auditors	who are	responsible for	ensuring	proper	access	control and a
for their installation are interested in				changes	to security		options,
report	generation	utilities.
For more	information, see Chapter 8,		“Auditing Considerations”			on	page 45.

Operational Considerations

The installation of a new product release might introduce changes to characteristics. These changes can be in the form of changed command changed messages, or methods of implementing new functions. This book identifies those changes for which you should provide user educatio running this release of the product.

For more information, see Chapter 9, “Operational Considerations” on page

Application Development Considerations

Application development programmers must be aware of new functions intro in a new release of RACF. To implement a new function, the application development personnel should read this book and the following books:

ŸOS/390 Security Server External Security Interface (RACROUTE) Macro Reference,

Ÿ	OS/390	Security	Server	(RACF)	Data,	Areasand
Ÿ	OS/390	Security	Server	(RACF)	Macros	and Interfaces.

To ensure that existing programs run as before, the application progr should be aware of any changes in data areas and processing requi book provides an overview of the changes that might affect existing programs.

For	more information, see Chapter 10, “Application Development Consideration
on	page 51.

General User Considerations

RACF general users use a RACF-protected system to:

Ÿ Log on to the system

Ÿ Access resources on the system

ŸProtect their own resources and any group resources to which the administrative authority

This book provides an overview of the changes that might affect exi procedures for general users. For more information, see Chapter 11, “G User Considerations” on page 55.

Chapter 1. Planning for Migration3

Image 27

Contents Security Server RACF Planning Installation and Migration OS/390Place graphic in this area. Outline is keyline only. DO NOT PRINT Page OS/390 1996. All Second Edition, SeptemberPage Page Migration ContentsAdministration Considerations Customization ConsiderationsAuditing Considerations 10. Application Operational ConsiderationsIndex ChapterPage Figures Page Notices Trademarks xiii How to Use ThisAbout This Book Who Should Use This BookServer Where to Find More InformationSoftcopy Publications Ÿ The OS/390 Security Server RACF Information , PackageSK2T-2180Ÿ Tutorial Options for Tuning GG22RACF Administration, H3927Elements of Security RACF Installation - Student GG24-3971Notes Using thelistserv@uga.cc.uga.edu Other Sources of InformationIBM Discussion Areas Internet SourcesTo Request Copies of PublicationsOS/390 xviiiFeatures V2R5TSO/E ServiceŸ OpenEditionProduct OSA/SFPage Summary of Changes Page Migration Planning Considerations Chapter 1. PlanningMigration Installation Considerations Administration ConsiderationsCustomization Considerations General User Considerations Auditing ConsiderationsOperational Considerations Application Development ConsiderationsPage New and Enhanced Support Chapter 2. Release Overviewintroduced in OS/390 Release OS/390 OpenEdition DCEidentifies functionCheck ConceptsSOMobjects for MVS Authorizing and Auditing Server Access to the CCS and WLM ServicesAuditing the Passing of Access Rights OS/390 OpenEditionsystems Multisystem NodesRRSF Network non-mainOS/390 Enable and Disable Functions YearTARGET Facility NetView1.10 classesthat Function Not Upgradedupdated for identifies functionClass Descriptor Table CDT Components forRelease 3. Summary ofthere Commandslists classes whichChapter 3. Summary of Changes to RACF Components for OS/390 15Release Commandgeneral-use programming interface GUPI data are Data AreasExits lists changedRACF macros MacrosMessages Figure 12 lists changesRACF Database Split/Merge Utility IRRUT400 New MessagesChanged Messages MessagesFigure 13 lists RACF panels that are PanelsPublications Library RoutinesRACROUTE REQUEST=EXTRACT SYS1.SAMPLIBTemplates Figure 16 identifies changes to RACF members of SYS1.SAMPLIBUtilities Figure 18 lists changes to RACF utilities for OS/390 ReleaseTemplate 0280 UtilityMigration Strategy OS/390 Security Server RACF Planning Installation and forMigrationRACF Planning Installation and Migrationfor RACF Chapter 4. Planning ConsiderationsRACF Migration and Planning for RACF RACF Planning Installation and Migrationfor RACF 2.1, andHardware Requirements Software RequirementsCompatibility Compatibility Considerations for Remote SharingRequirements Page Networks Chapter 5. Installation ConsiderationsEnabling RACF Considerationsinstall multisystem R installationconfigured are in your existing workspace data sets when youmust Chapter 5. Installation Considerations29local-lu prefixnodename sysnameprefix.local-node.local-node .INMSG Figure 21 estimates RACF virtual storage usage, for planning purposes RACF Storage ConsiderationsVirtual Storage This section discusses storage considerations for RACFSubpool Customer Additions to the CDTSystem Templates for RACF onOS/390 Release information, OS/390see Security ServerEffects of OS/390 OpenEdition DCE Chapter 6. Customization ConsiderationsExit Processing and IRRSXT00RACROUTE REQUEST=DEFINE Preprocessing Exit ICHRDX01 IRRSXT00 Installation Exitsignon Chapter 7. Administration ConsiderationsServer RACF Security Administrators. Guide Cross-Linking Between RACF UsersDCEUUIDS Class Signon toActivating single signon restrictionsOpenEditionsee DCE Administration .Guide OS/390 OpenEdition DCE Application Considerationsthe DCE Encryption Key OpenEdition Planning, and inOS/390 OpenEdition Programming Assembler Library ReferenceThreads and Changes to RACF Authorization Processing Restrictionscallable servicepthread orsecuritynp Rdceruid Callable Service UtilityEnhancements to the SYSMVIEW Chapter 7. Administration Considerations43Page Server RACF Macros Chapter 8. Auditing ConsiderationsSMF Records Auditors Guide and OS/390Services Auditing New OS/390Interfaces SMF Data Unload Utility Auditing OS/390 OpenEdition DCE SupportAuditing SystemView for MVS Support Report WriterPage Enabling and Disabling CommandOS/390 Security Server RACF Command Language Referencefor more Chapter 9. Operational ConsiderationsPage 01yydddF Chapter 10. Application Development Considerations2000 Support Serverspthread the securitynp New Application Services and SecurityProgramming Interfaces ServiceNew Application Authorization Changes to the Class Descriptor TableŸ “Routines” on page Ÿ “Macros” on page Ÿ “Templates” on page Ÿ “Utilities” on pageReference for Chapter 11. General UserConsiderations OpenEditionPage After Applying the PTF Chapter 12. NJE ConsiderationsAPAR OW14451 OW08457NODES Actions RequiredOW08457 UACCAPAR OW15408 GROUPFAILSAFE Page RRSF Chapter 13. ScenariosMigrating an Existing NodesprefixTARGET NODEMIAMI2 DELETE prefixTARGET NODEMIAMI2 SYSNAMESYSTEM2 LOCAL OPERATIVEOn MIAMI2 prefixTARGET NODEORLANDO DELETERACF Diagnosis On ORLANDODELETE Note The prefixTARGET NODEORLANDO OPERATIVE PREFIX... PROTOCOL... WORKSPACEGlossary accessdirection Page Seegeneral-use programming Seeinventoryprogramming Seemultisystem Seelogicallogical supervisory other.single-systemtask segment andDFP classes continued Index Acontinued Page SERVER SFSCMDKEYSMSTR utilitiescontinued Page IBM  Now you can! TheIBM Online Library ProductivityEdition OS/390 Security Server RACF Information Page Page comments Communicating Your Comments to IBMNote Copies Readers Comments - Wed Like to Hear from YouOS/390 Security Server RACF Planning Installation and Migration Publication No. GC28-1920-01IBM MAILREPLY BUSINESSPage IBM Drop in Back Cover Image HereGC28-192ð-ð1