IBM Resource Access Control Facility

From Wikipedia, the free encyclopedia

RACF, short for Resource Access Control Facility, is an IBM software product. It is a security system that provides access control and auditing functionality for the z/OS and z/VM operating systems. Its primary market competitors have been ACF2 and TopSecret, both now produced by Computer Associates.

In addition to being one of the most mature and scalable security monitors in computing, it has some interesting features that are not often found in Microsoft Windows or Unix environments. It can, for example, set permissions for file patterns — that is, set the permissions even for files that do not yet exist. Those permissions are then used should the file (or other object) be created at a later time. In other words, RACF establishes security policies rather than just permission records.

RACF has continuously evolved to support such modern security features as digital certificates/public key infrastructure services, LDAP interfaces, and case sensitive IDs/passwords. (The last is a reluctant concession to promote interoperability with other systems, such as Unix and Linux.) The underlying zSeries hardware works closely with RACF. For example, digital certificates are protected within tamper-proof cryptographic processors. Major mainframe subsystems, especially DB2 Version 8, leverage RACF to provide multi-level security (MLS).

[edit] External links

Retrieved from "http://en.wikipedia.org../../../i/b/m/IBM_Resource_Access_Control_Facility_6be9.html"
In other languages