The basic function of the SNT (Sign-on Table) is to register the security information for all users. Users not registered in this table are not allowed to access the system. To use the CICS system, the user has to sign on at the terminal using the sign-on transaction CESN or CSSN, specifying a userid and password. CICS checks that both the userid and password are valid and only then gives access to the system.

CESN is the sign-on transaction used with an External Security Manager (ESM) such as RACF. The ESM userid and password defined in the SNT must be provided for the CESN transaction. Entries in the Sign-on Table are made with the DFHSNT macro, where details such as user name or userid, password, etc., are specified. In this DFHSNT definition, if the option EXTSEC is given as YES, the system is using an ESM and the CESN transaction must be used for signing on. If EXTSEC is given as NO, no ESM is used and the sign-on transaction to be used is CSSN.

Transaction Security

CICS transaction security allows only authorized users to initiate a protected transaction. To make a transaction protected, the following steps have to be done. In the SNT entry of the user who is to be given the authority to access the protected transaction, specify the security key parameter, SCTYKEY=n. In the PCT entry of the transaction that has to be protected, specify for the TRANSEC parameter the security key given in the SNT. Then, if and only if the SCTYKEY and TRANSEC entries match, CICS will allow the initiation of the transaction. Otherwise, CICS rejects the initiation request, thus ensuring transaction security.

Since the SCTYKEY and TRANSEC are both 5, CICS will allow the user ALEXIS to initiate the transaction with id TASK1.

Resource Security

The function of resource security is to prevent unauthorized access to protected resources. To achieve this, specify the resource level key parameter, RSLKEY=n, in the SNT entry of the user and, depending on the resource that is to be protected, specify RSL=n in the respective table entries. That is, RSL=n should be specified in the FCT for protecting files, the JCT for protecting journals, the PCT for protecting transactions, the PPT for protecting programs, the DCT for protecting transient data and the TST for protecting TSQs in the auxiliary files. Then, in the PCT entry of every transaction where the resource security level check has to be made, specify RSLC=YES. If the terminal user initiates a transaction with RSLC=YES, the transaction can access only those resources whose RSL entry matches the RSLKEY in the SNT. If the two parameters do not match, CICS will return the NOTAUTH condition.
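The two key checks above (SCTYKEY against TRANSEC, then RSLKEY against RSL under RSLC=YES) can be modelled in a few lines. This is an added example, not CICS code and not from the original page; apart from ALEXIS, TASK1 and key 5, every table entry is constructed, and the `OK` / `REJECTED` labels and the treatment of transactions without RSLC=YES as unchecked are assumptions of the model.

```python
# Model of the SNT / PCT key checks described above. Not CICS code.
# Constructed sample tables; only ALEXIS, TASK1 and key 5 come from the page.
SNT = {  # userid -> keys in that user's sign-on table entry
    "ALEXIS": {"SCTYKEY": 5, "RSLKEY": 3},
    "GUEST1": {"SCTYKEY": 2, "RSLKEY": 1},
}
PCT = {  # transaction id -> TRANSEC key and RSLC switch
    "TASK1": {"TRANSEC": 5, "RSLC": "YES"},
    "TASK2": {"TRANSEC": 5, "RSLC": "NO"},
}
RSL = {  # (table, resource name) -> RSL value in FCT, TST, ...
    ("FCT", "PAYFILE"): 3,
    ("FCT", "AUDITLOG"): 7,
    ("TST", "SCRATCHQ"): 1,
}

def can_initiate(userid, tranid):
    """Transaction security: SCTYKEY (SNT) must match TRANSEC (PCT)."""
    user, tran = SNT.get(userid), PCT.get(tranid)
    if user is None or tran is None:  # unknown user or transaction
        return False
    return user["SCTYKEY"] == tran["TRANSEC"]

def access(userid, tranid, resource):
    """Return 'REJECTED', 'NOTAUTH' or 'OK' for one resource request."""
    if not can_initiate(userid, tranid):
        return "REJECTED"
    if PCT[tranid]["RSLC"] != "YES":
        return "OK"  # assumption: no RSLC=YES means no resource check
    # Unknown resources fail closed in this model (None never matches).
    return "OK" if RSL.get(resource) == SNT[userid]["RSLKEY"] else "NOTAUTH"

def unchecked_paths():
    """Audit: (user, transaction, resource) triples where the RSL does not
    match the user's RSLKEY, yet the transaction runs without RSLC=YES."""
    findings = []
    for userid, user in SNT.items():
        for tranid, tran in PCT.items():
            if tran["RSLC"] == "YES" or not can_initiate(userid, tranid):
                continue
            findings += [(userid, tranid, res) for res, level in RSL.items()
                         if level != user["RSLKEY"]]
    return sorted(findings)

if __name__ == "__main__":
    for row in unchecked_paths():
        print("resource reachable without RSL check:", row)
```

The audit function is the part worth keeping when reviewing real tables: it lists every resource a user can reach through a transaction that was left without RSLC=YES.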

Resource Access Control Facility (RACF)

Resource Access Control Facility or RACF provides the tools to help the installation manage access to critical resources.

Any security mechanism is only as good as the management control of the people who access the system. Access, in a computer-based environment, means the ability to do something with a computer resource (for example, use, change, or view something). Access control is the method by which this ability is explicitly enabled or restricted. It is the responsibility of the installation to see that access controls that are implemented are working the way they are supposed to work, and that variances are reported to and acted on by management.

Computer-based access controls are called logical access controls. These are protection mechanisms that limit users' access to information to only what is appropriate for them. Logical access controls are often built into the operating system, or can be part of the logic of application programs or major utilities, such as database management systems. They may also be implemented in add-on security packages that are installed into an operating system; such packages are available for a variety of systems, including PCs and mainframes. Further, logical access controls might be present in specialized components that regulate communications between computers and networks.

To be effective, access control must allow management to adopt the principle of least possible privilege for those resources that are deemed to be highly sensitive. This principle says that access to these resources is controlled in such a way that permission to use them is restricted to just those people whose normal duties require their use. Any unusual use of the resource should be approved by an administrator or manager, as well as the owner of the resource.

Resource Access Control Facility or RACF provides the tools to manage user access to critical resources. RACF is an add-on software product that provides basic security for a mainframe system (examples of other security software packages include ACF2 and Top Secret, both from Computer Associates).

RACF protects resources by granting access only to authorized users of the protected resources. RACF retains information about users, resources, and access authorities in special structures called profiles in its database, and it refers to these profiles when deciding which users should be permitted access to protected system resources. To help your installation accomplish access control, RACF provides the ability to:

  • Identify and authenticate users
  • Authorize users to access protected resources
  • Log and report various attempts of unauthorized access to protected resources
  • Control the means of access to resources
  • Allow applications to use the RACF macros

RACF uses a user ID and a system-encrypted password to perform its user identification and verification. The user ID identifies the person to the system as a RACF user. The password verifies the user's identity. Often exits are used to enforce a password policy such as a minimum length, lack of repeating characters or adjacent keyboard letters, and also the use of numerics as well as letters. Popular words such as "password" or the use of the user ID are often banned.

The other important policy is the frequency of password change. If a user ID has not been used for a long time, it may be revoked and special action is needed to use it again. When someone leaves a company, there should be a special procedure that ensures that the user IDs are deleted from the system.

RACF, with its lists of users and lists of resources, allows management to delegate the authority to the owners of these entities in such a way as to maintain the separation of duties while maintaining a flexible, responsive access control strategy.

The delegation mechanism in RACF and the easy, nontechnical commands that change the relationship of a user to a resource mean that adopting the principle of least possible privilege need not be burdensome nor inflexible when unusual circumstances dictate that access permission should be changed. When an unforeseen circumstance requires a change in access privilege, the change can be made by a nontechnical person with access to a TSO terminal, and management can be alerted to review the fact that the change was made.

Major subsystems such as CICS® and DB2® can use the facilities of RACF to protect transactions and files. Much of the work to configure RACF profiles for these subsystems is done by the CICS and DB2 system programmers. So, there is a need for people in these roles to have a useful understanding of RACF and how it relates to the software they manage.
