Previous topic |
Next topic |
Contents |
Index |
Contact z/OS |
Library |
PDF
Providing additional security for devices z/OS HCD User's Guide SC34-2669-00 |
|
Providing additional security for devicesIf your system has stringent security requirements and includes Resource Access Control Facility (RACF), you can ensure that only certain programs can allocate unit record, communication, or graphics devices. These programs include Print Services Facility (PSF) for printers, Advanced Communication Facility/Virtual Telecommunications Access Method (ACF/VTAM) for communication or graphics devices, and JES2 or JES3 for unit record, communication, or graphics devices. When a user attempts to allocate a device, the system uses SAF (the system authorization facility) to issue an authorization check. If RACF is installed, it checks a profile in the DEVICES class to determine whether the user can access the device. If the user does not have authority to access the device, the allocation fails. (Note that the system does not retry an allocation request that fails because the user is not authorized to access the device.) Work with your RACF security administrator to set up profiles in the DEVICES class:
For more details, see z/OS Security Server RACF Security Administrator’s Guidez/OS Security Server RACF Security Administrator’s Guide. |
Copyright IBM Corporation 1990, 2014
|