IBM Support

IBM Security zSecure RACF Password Service Stream Enhancement

News


Abstract

IBM® Security zSecure™ products have been enhanced to support additional functions provided by RACF® APARs OA43998 and OA43999.

Content

Several enhancements were made to RACF to improve the security of passwords and password phrases. The IBM® Security zSecure™ RACF Password Service Stream Enhancement (SSE) implements changes to zSecure products to correctly process RACF profiles after activation of new RACF functions:

  • Allow stronger encryption of passwords
  • Define users with a password phrase and no password
  • Accept additional characters within passwords

Other changes did not require documentation updates and are, therefore, not described in the attached PDF file. For example:
  • Support in the zSecure MERGE function: uses the appropriate fields for the migration of passwords from the source to the target system.
  • Support in the zSecure Audit SMF reporting function: RACF commands can have extra keywords and parameters.

These updates apply to IBM Security zSecure versions V2.1.1 and V2.1.0 and some of them also apply to V1.x.x. The zSecure Admin updates only apply to versions V2.1.1 and V2.1.0. For other versions, support is limited to issuing warning and error messages when a user action might otherwise result in an incorrect change to a RACF user profile.

The PTFs are all marked with ++HOLD FIXCAT information using the following categories:
  • IBM.Function.RACF.PasswordCharacters
  • IBM.Function.RACF.PasswordEncryption

The keywords that are used in the APAR text are RACFPWCHAR/K RACFPWENCR/K.

This document lists the updates for these enhancements to the IBM Security zSecure V2.1.1 documentation:

    IBM Security zSecure Release Information

    IBM Security zSecure Admin and Audit for RACF User Reference Manual, LC27-5639-01

    IBM Security zSecure CARLa Command Reference, LC27-6533-00

    IBM Security zSecure Command Verifier User Guide, SC27-5648-01

    IBM Security zSecure Visual Client Manual, SC27-5647-01

    IBM Security zSecure Messages Guide, SC27-5643-01


Note:
  • Referenced topics that have not changed are not included in this document. You can find them in the publication that the chapter applies to.
  • Changes resulting from support of the RACF password enhancements for IBM Security zSecure CICS® Toolkit did not result in any documentation changes.

Technote zSecure RACF PW SSE.pdfTechnote zSecure RACF PW SSE.pdf

[{"Product":{"code":"SSPQTM","label":"IBM Security zSecure Admin"},"Business Unit":{"code":"BU008","label":"Security"},"Component":"--","Platform":[{"code":"PF035","label":"z\/OS"}],"Version":"1.13.1;1.13.0;1.12;2.1;2.1.1","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}},{"Product":{"code":"SSRQ8D","label":"IBM Security zSecure Audit for RACF"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":" ","Platform":[{"code":"PF035","label":"z\/OS"}],"Version":"1.12;1.13.0;1.13.1;2.1;2.1.1","Edition":"","Line of Business":{"code":"","label":""}},{"Product":{"code":"SSATXH","label":"IBM Security zSecure Suite"},"Business Unit":{"code":"BU008","label":"Security"},"Component":" ","Platform":[{"code":"","label":""}],"Version":"","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}},{"Product":{"code":"SSRMQU","label":"IBM Security zSecure Visual"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":" ","Platform":[{"code":"PF035","label":"z\/OS"}],"Version":"1.13.0;1.12.0;1.13.1;2.1;2.1.1","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}},{"Product":{"code":"SSRPQG","label":"IBM Security zSecure CICS Toolkit"},"Business Unit":{"code":"BU008","label":"Security"},"Component":" ","Platform":[{"code":"PF035","label":"z\/OS"}],"Version":"1.13.0;1.13.1;1.12;2.1;2.1.1","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}},{"Product":{"code":"SSRM9V","label":"IBM Security zSecure Command Verifier"},"Business Unit":{"code":"BU008","label":"Security"},"Component":" ","Platform":[{"code":"PF035","label":"z\/OS"}],"Version":"1.12;1.13.0;1.13.1;2.1;2.1.1","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

Modified date:
29 April 2021

UID

swg21689423

Page Feedback