Resource Access Control Facility (RACF®) is a security program that serves as a component of the Security Server for z/OS®. RACF governs user actions within the z/OS operating system, enabling users to protect their resources. It safeguards information and other resources by regulating access to them.
IBM RACF for z/OS enables the protection of your mainframe resources by making access control decisions through resource managers. Granting access to only authorized users keeps your data safe and secure.
RACF provides security by:
- identifying and verifying users;
- authorizing users to access protected resources; and
- recording and reporting access attempts.
RACF authenticates users with a password, password phrase, digital certificate, Kerberos ticket or a PassTicket.
RACF retains information about your users, resources and access authorities in its database. This database determines access to protected mainframe system resources based on your security policy.
RACF has logging and reporting functions that identify users who attempt to access the resource, either successfully or unsuccessfully. Detection of security exposures or threats is made possible by this feature.
Through the RRSF, you have the capability to run most RACF commands on a node and a user ID different from the one you are logged on to.
Browse through the z/OS Security Server RACF abstract and PDF library.
Find tools and sample code to help manage your RACF environment.
See how to use RACF to protect your network and communications.