OS/390 OpenEdition
OS/390 Release 2 OpenEdition adds new capabilities for which RACF provid support.
Authorizing and Auditing Server Access to the CCS and WLM
Services
OS/390 Release 2 OpenEdition adds the capability to check whether ser authorized to use the console communications service (CCS) and the worklo manager (WLM) service. RACF provides support for this capability by det whether the server identity has authority to the service, and by a access to these services.
RACF provides two new audit function codes for these services. The aud based on the existing PROCESS class.
Auditing the Passing of Access Rights
OS/390 Release 2 OpenEdition implements the passing of access rights fro process to another. A sending process opens a file and passes the ope descriptor to a receiving process via a UNIX domain socket connection. writes SMF type 80 records when:
Ÿ The access rights are passed by the sending process.
Ÿ The access rights are received by the receiving process.
ŸThe access rights are discarded by the receiving process without received.
RACF provides a new event code and 3 new audit function codes for th records. Auditing is based on the existing PROCACT class.
SOMobjects for MVS
RACF provides support for Version 1 Release 2 of SOMobjects for MVS. A
application running | in | an | OS/2, | AS/400, | or MVS | environment | requesting | distribu | ||||
SOM | (DSOM) | services | can | have | those services run in an | MVS | server. To | sup | ||||
the | use | of remote | objects | with | SOMobjects | for MVS, | RACF | does | the | follo | ||
ŸAuthenticates the user as a valid and correct user through the pr password
Ÿ | Verifies | the | user's access to | use the requested server |
Ÿ | Verifies | the | server's access | to use the method within the specif |
ŸVerifies that only approved servers can register with the SOMojbect server daemon, preventing unauthorized users from starting trojan hors servers
SystemView for MVS
SystemView for MVS consists of programs that run on the user's workstati programs that run on MVS. SystemView for MVS displaysLaunch windowa that
contains a customized task treetask . treeThisrepresents systems management
programs, or applications, to which the workstation user can get access information needed by the SystemView for MVS client code running in the workstation is created and stored on the
8 OS/390 V1R2.0 Security Server (RACF) Planning: Installation and Migration
