z/OS Security Server RACF System Programmer's Guide
To physically erase security-sensitive data at the time the data set extents are scratched, RACF® and DFSMS provide an erase-on-scratch facility. Erase-on-scratch ensures that when the data set is scratched (deleted or released for reuse), it cannot be read by any program running under control of an IBM® operating system. It enables you to protect both single and multivolume DASD data sets.
With the erase-on-scratch facility, you can designate that specific data sets with a particular security level or that all data sets should be physically erased when the data set is deleted or when some of the space that was allocated to the data set is released. During this process, RACF tells DFSMS that data erasure is required.
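The scopes described above map onto the RACF `SETROPTS ERASE` option and the `ERASE` indicator in a data set profile. The REXX exec below is an added example, not part of the IBM text. The profile names and the security level name `CONFIDENTIAL` are hypothetical, and the exec assumes it runs under TSO with the RACF SPECIAL attribute.

```rexx
/* REXX - added example: enable erase-on-scratch through RACF        */
/* Hypothetical names: PAYROLL.* profiles, CONFIDENTIAL level.       */
address TSO

/* 1. System-wide switch. A profile's ERASE indicator has no effect  */
/*    while SETROPTS NOERASE is in force. With NOSECLEVEL, erasure   */
/*    is decided by the indicator in each data set profile.          */
cmd = "SETROPTS ERASE(NOSECLEVEL)"
cmd
if rc <> 0 then call fail cmd, rc

/* Wider scopes, shown for comparison (use one instead of the above):*/
/*   "SETROPTS ERASE(SECLEVEL(CONFIDENTIAL))"                        */
/*       erase data sets at this security level or higher; the name  */
/*       must already be defined to RACF as a security level         */
/*   "SETROPTS ERASE(ALL)"                                           */
/*       erase every DASD data set when it is scratched              */

/* 2. Mark the sensitive profiles. Fully qualified names are quoted  */
/*    so TSO does not add the user's prefix.                         */
profiles = "'PAYROLL.MASTER.DATA' 'PAYROLL.*'"
do i = 1 to words(profiles)
  p = word(profiles, i)
  cmd = "ALTDSD" p "ERASE"
  cmd
  if rc <> 0 then call fail cmd, rc
end

/* 3. Review the result: SETROPTS LIST reports the active ERASE      */
/*    setting, LISTDSD reports the indicator in each profile.        */
"SETROPTS LIST"
do i = 1 to words(profiles)
  "LISTDSD DATASET("word(profiles, i)")"
end
exit 0

fail: procedure
  parse arg failed, code
  say "Command failed with RC="code":" failed
  exit 8
```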
The erase-on-scratch facility provides a defense against two types of attacks:
Erase-on-scratch might place an additional load on DASDs, which can have an impact on system performance, depending on how much erasure is being performed and how the erasure is being done. However, you can minimize the impact by various means.
By following these two rules, your data can be erased by the storage subsystem in the overwhelming majority of cases. In those rare cases where the storage subsystem was not able to erase the data, DFSMS erases the data using the ERASE CCW. This is also faster than on older devices because it does not need to wait for disk rotation.
For more information, see z/OS DFSMS Using Data Sets.
Copyright IBM Corporation 1990, 2014