This information covers password protection for data sets. The
use of password protection is not recommended, but is provided for
compatibility with other IBM® operating
systems. You should use RACF® protection
(using SAF) instead.
The password protection described does not apply to data
sets and catalogs managed by the Storage Management Subsystem (SMS)
or to VSAM data sets. SMS ignores passwords. In addition, the PROTECT
macro and SVC do not support a volume on a unit defined as dynamic.
If a SAF (system authorization facility)-compliant
security product is active and provides protection for the data set,
then the system bypasses password protection for that data set. Additionally,
the system always bypasses password protection for VSAM and for SMS-managed
data sets. The system provides SMS-managed data set and catalog protection
through the SAF interface. For more SAF information, see "System
Authorization Facility" in z/OS MVS Programming: Assembler Services Guide,
and z/OS MVS Programming: Assembler Services Reference ABE-HSP.
For information about VSAM data set protection, see z/OS DFSMS Using Data Sets and
z/OS DFSMS Access Method Services Commands.
The following are some reasons to use SAF instead of password protection:
- If you give a password to someone, you have no control over whom
they give it to.
- Data sets tend to have different passwords, so you end up writing
them down. This is less secure than memorizing one SAF password.
- Batch job access or interactive non-TSO access requires that a
system operator supply a password. Your communication to the operator
is likely to be insecure. That operator might not be present when
your job runs. The operator might have to give each data set's password
to other operators.
- The program is halted while each password is supplied. This is
contrary to the increased automation of modern systems.
- There is no way to know who has used a particular password.
- It is human nature not to change passwords, especially if there
are many. As time passes, there is a greater danger of them being
exposed.
- If more than a small number of data sets have passwords, then
the time for the system to find the PASSWORD data set entry increases
greatly. With RACF, the increase is much less. With a RACF generic
profile, there is no increase in search time when a new data set uses
the same profile.
- With DASD shared between systems, the password definitions on
each system are independent. They can get out of synchronization.
- The PASSWORD data set entry contains the data set name but not
the volume serial number. If you create a data set before defining
a password, you could find that someone has already defined a password
for that data set name. Your data set will require the existing password
just to scratch or rename it.
- Password protection is not supported on system-managed volumes
or on dynamic devices.
To use the data set protection feature of the operating system,
create and maintain a PASSWORD data set consisting of records that
associate the names of the protected data sets with the passwords
assigned to each data set. You can maintain the PASSWORD data set
in the following ways:
- Writing your own routines
- Using the PROTECT macro instruction
- Using the utility control statements of the IEHPROGM utility program
- If you have TSO, using the TSO PROTECT command.
This information discusses only the first two methods. The last
two methods are discussed in the publications shown in the following
list.
Before using this information, you should be familiar with the
contents of the following publications:
- z/OS DFSMS Using Data Sets describes
the data set protection feature.
- The following publications describe the operator messages and
replies associated with the data set protection feature:
  - z/OS MVS System Messages, Vol 1 (ABA-AOM)
  - z/OS MVS System Messages, Vol 2 (ARC-ASA)
  - z/OS MVS System Messages, Vol 3 (ASB-BPX)
  - z/OS MVS System Messages, Vol 4 (CBD-DMO)
  - z/OS MVS System Messages, Vol 5 (EDG-GFS)
  - z/OS MVS System Messages, Vol 6 (GOS-IEA)
  - z/OS MVS System Messages, Vol 7 (IEB-IEE)
  - z/OS MVS System Messages, Vol 8 (IEF-IGD)
  - z/OS MVS System Messages, Vol 9 (IGF-IWM)
  - z/OS MVS System Messages, Vol 10 (IXC-IZP)
- z/OS MVS JCL Reference describes
the data definition (DD) statement parameter used to indicate that
a data set is to be password protected. It is a subparameter of the
LABEL parameter.
- z/OS DFSMSdfp Utilities describes
how to maintain the PASSWORD data set using the utility control statements
of the IEHPROGM utility program.
- z/OS TSO/E Command Reference describes
how to use the TSO PROTECT command.