Mainframes has been holding the business critical data of many private and public enterprises across the globe for THE LAST several decades. Reliability, Availability and Serviceability are, indeed, the three historical features that GO TO make Mainframes unique in this aspect. Equally important is the performance, scalability and security features it provides. Mainframe platform is well known for its extreme security capabilities. One of the key challenges here is to ensure that the mainframe is administered appropriately utilising the security features. There are many security products currently available for providing Mainframe security. RACF from IBM, ACF2 and Top Secret from CA Technologies are the three major security products, which are currently in use. Among them, the oldest and most widely used product is RACF (Resource Access Control Facility).
Introduced by IBM in 1976, RACF provides logical access controls for protected resources within a Mainframe system. RACF is a widely recognized security system that provides auditing functionality as well as access control for the z/VM and z/OS operating systems. During the early Mainframe era, security was not a matter of great concern in enterprises. The systems were operated by single users and access controls meant for only physical access at that time. However, as and when multi-user, multi-application, multi-task environments etc became available in Mainframe, the security concepts got more relevant in organizations and thereby people became much aware of the need to protect system resources from unauthorised access. It was during this context that, RACF was introduced.
Features of RACF
RACF efficiently manages the user access to critical information stored in Mainframes, thereby, providing security for the system. In addition, RACF stores information regarding users, resources and access in its database and based on that refers to decide which user should be permitted to access secured system resources. RACF acts as an additional layer in the operating system that checks and verifies user identities and raises requests for resources.
RACF helps meet the needs for security by providing the ability to:
- Identify and verify users
- Identify, classify and protect system resources
- Authorize users to access the protected resources
- Control access to data, applications and system software
- Control access at specific levels (read, write, delete, modify)
- Create a centralized or decentralized security administration environment
- Integrate with the operating system
- Support cryptographic services and digital certificates
- Log and report various attempts of unauthorized access to protected resources
- Audit without modifying applications
RACF, the premier security product that secures valuable business data in Mainframes for the last several decades, has now evolved to support latest security features like digital certificates, public key infrastructure services, case sensitive ID’s and passwords etc. thanks to IBM’s continuous effort to support this. Despite the competition from security products like ACF2 and Top Secret from CA Technologies, RACF remains the industry leader in providing security for Mainframes.