Resource Access Control Facility (RACF)

The Resource Access Control Facility (RACF®) provides software access control measures that can be used to enhance data security in a computing system. RACF can be used in addition to any data security measure currently being used.

RACF provides the ability to specify access authorities under which the permanent DASD data sets, tape volumes, DASD volumes, terminals, and other resources are made available to the users of the system. RACF can protect VSAM, non-VSAM, cataloged, and uncataloged data sets, including program libraries and individual programs.

When the security administrator defines users, groups, DASD data sets, tape volumes, DASD volumes, terminals, and other resources to RACF, RACF builds and stores their descriptions in profiles on the RACF data base. RACF uses these profiles for authorization checking and user identification and verification.

For a description of the RACROUTE macro, see z/OS Security Server RACROUTE Macro Reference For information on how to use RACF to protect resources, see z/OS Security Server RACF Security Administrator's Guide.

Parent topic: Protecting the system