IBM GC28-1920-01 manual RACF Storage Considerations, Virtual Storage, Size

Page 56
RACF Storage Considerations

RACF Storage Considerations

This section discusses storage considerations for RACF.

Virtual Storage

Figure 21 estimates RACF virtual storage usage, for planning purposes.

Figure 21

(Page

1

of

2).

 

RACF Estimated Storage Usage

 

 

 

 

 

 

 

 

 

 

 

 

 

Storage Subpool

 

Usage

 

 

 

 

 

 

 

 

 

 

 

 

 

 

How

to

Estimate

Size

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

FLPA

 

RACF

service

routines,

if

 

IMS

or

CICS

 

is47using000

 

 

 

 

 

 

 

 

 

 

 

 

 

 

RACF

for

 

authorization

checking

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

RACROUTE

REQUEST=FASTAUTH

and

 

 

 

 

 

 

Measure

using

AMBLIST

 

 

 

 

 

 

 

 

 

 

ICHRTX00

exits

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

PLPA

 

RACF

installation

exits

that

are

AMODE(24)

Measureor

using

AMBLIST

 

 

 

 

 

 

 

 

 

 

AMODE(ANY)

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

RACF

RMODE(24)

 

code

 

 

 

 

 

 

 

 

750

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

RACF

service

routines,

if

 

IMS

or

CICS

 

is47not000

using

 

 

 

 

 

 

 

 

 

 

 

 

 

RACF for authorization checking, unless

explicitly

 

 

 

 

 

 

 

 

 

 

 

 

 

removed from SYS1.LPALIB and placed

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

elsewhere for use in FLPA

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

RACROUTE

REQUEST=FASTAUTH

and

 

 

 

 

 

 

Measure

using

AMBLIST

 

 

 

 

 

 

 

 

 

 

ICHRTX00

exits

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

RACF

range

table

 

 

 

 

 

 

 

 

 

4 + (number_of_ranges× 45)

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

EPLPA

 

RACF

installation

exits

that

are

AMODE(31)

Measure

using

AMBLIST

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

RACF

above-the-line resident modules

 

 

875

000

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

SQA

 

RACF

communications

vector

table

and

extension2800

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Class descriptor table (CNST) and

RACF

router7500 +

58 ×

 

 

 

 

 

 

 

 

 

 

 

 

 

table

 

 

 

 

 

 

 

 

 

 

 

 

 

number_of_customer_defined_classes

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

ESQA

 

RACF

data

sharing

control

area

 

 

 

 

300 (when enabled for sysplex communication)

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Class descriptor

table

(CNSX)

 

 

 

 

(number_of_IBM-defined_classes× 28) +

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

(number_of_IBM-defined_entries_in_router× _table

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

30)

+

 

(number_of_customer_defined×_classes

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

58)

+

26

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

For

Security

Server

(RACF)

Release

2,

there

are

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

43 IBM-defined classes and 165 IBM-defined

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

entries

in

the

router

table,

so

the

size

of

the

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

is

6180

+ (number_of_customer_defined_classes

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

× 58). If you

install

a

PTF that adds

entries,

you

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

will

need

to

recalculate

this

number.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

LSQA

 

ACEE

and

related

storage

 

 

 

 

 

 

400 + installation_data_length +

 

 

 

 

 

 

Notes:

 

 

 

 

 

 

 

 

 

 

 

 

 

terminal_installation_data_length

+

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

application_installation_data +

(52

for

every

78

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

1. Applications

can

place

 

this

storage

in

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

different

 

subpool.

 

 

 

 

 

 

 

temporary datasets, rounded up to the next

 

 

 

 

 

 

 

 

 

 

 

 

 

multiple

of

52)

 

 

 

 

 

 

 

 

 

 

 

2. Applications

can

create

multiple

ACEEs

in

this

 

 

 

 

 

 

 

 

 

 

 

 

 

 

and

other

 

storage

subpools.

 

 

 

If the address space has been dubbed an

 

 

 

 

 

 

 

 

OpenEdition process, then add: 52 +

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

(number_of_connected_groups_with× GIDs4)

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Add 112 bytes if the user

has

CLAUTH for

a

clas

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

with

a

POSIT

value

over

127.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Formula for average_profile_size:

average_profile_size = 51 + average_installation_data + (average_number× 9)_of+_access_entries (average_number_of_categories× 2) + (average_number_of_conditional_access× 17)_entries

32 OS/390 V1R2.0 Security Server (RACF) Planning: Installation and Migration

Page 55 Page 57
Image 56
Page 55 Page 57
Contents Place graphic in this area. Outline is keyline only. DO NOT PRINT Security Server RACF Planning Installation and MigrationOS/390 Page Security Server RACF Planning Installation and Migration Second Edition, September 1996. AllPage Page Contents MigrationAuditing Considerations Administration ConsiderationsCustomization Considerations Operational Considerations IndexChapter 10. ApplicationPage Figures Page Notices Trademarks How to Use This About This BookWho Should Use This Book xiiiWhere to Find More Information Softcopy PublicationsŸ The OS/390 Security Server RACF Information , PackageSK2T-2180 ServerAdministration, H3927 Elements of Security RACF Installation - Student GG24-3971NotesUsing the Ÿ Tutorial Options for Tuning GG22RACFOther Sources of Information IBM Discussion AreasInternet Sources listserv@uga.cc.uga.eduPublications To Request Copies ofFeatures OS/390xviii ServiceŸ OpenEdition ProductOSA/SF V2R5TSO/EPage Summary of Changes Page Migration Migration Planning ConsiderationsChapter 1. Planning Customization Considerations Installation ConsiderationsAdministration Considerations Auditing Considerations Operational ConsiderationsApplication Development Considerations General User ConsiderationsPage Chapter 2. Release Overview New and Enhanced SupportOS/390 OpenEdition DCE identifiesfunction introduced in OS/390 ReleaseConcepts CheckAuthorizing and Auditing Server Access to the CCS and WLM Services Auditing the Passing of Access RightsOS/390 OpenEdition SOMobjects for MVSMultisystem Nodes RRSF Networknon-main systemsTARGET OS/390 Enable and Disable FunctionsYear NetView 1.10classes FacilityFunction Not Upgraded updated foridentifies function thatComponents for Release3. Summary of Class Descriptor Table CDTCommands lists classeswhich thereCommand Chapter 3. Summary of Changes to RACF Components for OS/390 15ReleaseData Areas Exitslists changed general-use programming interface GUPI data areMacros MessagesFigure 12 lists changes RACF macrosNew Messages Changed MessagesMessages RACF Database Split/Merge Utility IRRUT400Panels Publications LibraryRoutines Figure 13 lists RACF panels that areSYS1.SAMPLIB TemplatesFigure 16 identifies changes to RACF members of SYS1.SAMPLIB RACROUTE REQUEST=EXTRACTTemplate UtilitiesFigure 18 lists changes to RACF utilities for OS/390 Release Utility 0280OS/390 Security Server RACF Planning Installation and forMigration RACF Planning Installation and Migrationfor RACFChapter 4. Planning Considerations Migration StrategyRACF Planning Installation and Migrationfor RACF 2.1, and Hardware RequirementsSoftware Requirements RACF Migration and Planning for RACFRequirements CompatibilityCompatibility Considerations for Remote Sharing Page Chapter 5. Installation Considerations Enabling RACFConsiderations Networksinstallation configuredare in your existing workspace data sets when you install multisystem RChapter 5. Installation Considerations29 mustprefix nodenamesysname local-luprefix.local-node.local-node .INMSG RACF Storage Considerations Virtual StorageThis section discusses storage considerations for RACF Figure 21 estimates RACF virtual storage usage, for planning purposesCustomer Additions to the CDT SubpoolTemplates for RACF on OS/390 Releaseinformation, OS/390see Security Server SystemChapter 6. Customization Considerations Exit Processingand IRRSXT00 Effects of OS/390 OpenEdition DCEIRRSXT00 Installation Exit RACROUTE REQUEST=DEFINE Preprocessing Exit ICHRDX01Chapter 7. Administration Considerations Server RACF Security Administrators. GuideCross-Linking Between RACF Users signonActivating DCEUUIDS ClassSignon to the DCE Encryption Key single signon restrictionsOpenEditionsee DCE Administration .GuideOS/390 OpenEdition DCE Application Considerations Threads and OpenEdition Planning, and inOS/390 OpenEdition Programming AssemblerLibrary Reference callable servicepthread orsecuritynp Changes to RACF Authorization ProcessingRestrictions Enhancements to the Rdceruid Callable ServiceUtility Chapter 7. Administration Considerations43 SYSMVIEWPage Chapter 8. Auditing Considerations SMF RecordsAuditors Guide and OS/390 Server RACF MacrosInterfaces ServicesAuditing New OS/390 Auditing OS/390 OpenEdition DCE Support Auditing SystemView for MVS SupportReport Writer SMF Data Unload UtilityPage Command OS/390 Security Server RACF Command Language Referencefor moreChapter 9. Operational Considerations Enabling and DisablingPage Chapter 10. Application Development Considerations 2000 SupportServers 01yydddFNew Application Services and Security pthread the securitynpService New Application AuthorizationChanges to the Class Descriptor Table Programming InterfacesŸ “Macros” on page Ÿ “Templates” on page Ÿ “Utilities” on page Ÿ “Routines” on pageChapter 11. General User ConsiderationsOpenEdition Reference forPage Chapter 12. NJE Considerations APAR OW14451OW08457 After Applying the PTFActions Required OW08457UACC NODESFAILSAFE APAR OW15408GROUP Page Chapter 13. Scenarios Migrating an ExistingNodes RRSFprefixTARGET NODEMIAMI2 SYSNAMESYSTEM2 LOCAL OPERATIVE On MIAMI2prefixTARGET NODEORLANDO DELETE prefixTARGET NODEMIAMI2 DELETEDELETE RACF DiagnosisOn ORLANDO prefixTARGET NODEORLANDO OPERATIVE PREFIX... PROTOCOL... WORKSPACE Note Thedirection Glossaryaccess Page programming Seegeneral-use programmingSeeinventory Seelogical Seemultisystemlogical other.single-system supervisorytask segment andDFP Index A classes continuedcontinued Page KEYSMSTR SERVERSFSCMD utilitiescontinued Page Edition OS/390 Security Server RACF Information IBM Now you can! TheIBM Online Library Productivity Page Page Communicating Your Comments to IBM commentsReaders Comments - Wed Like to Hear from You OS/390 Security Server RACF Planning Installation and MigrationPublication No. GC28-1920-01 Note CopiesMAIL REPLYBUSINESS IBMPage GC28-192ð-ð1 IBMDrop in Back Cover Image Here
Top Page Image Contents