Z software Z security RACF IBM Resource Access Control Facility
Protect your mainframe resources with tools that manage and control access to valuable z/OS data
What is RACF?
Illustration of abstract geometric chevron

Resource Access Control Facility (RACF®) is a security program that serves as a component of the Security Server for z/OS®. RACF governs user actions within the z/OS operating system, enabling users to protect their resources. It safeguards information and other resources by regulating access to them.

IBM RACF for z/OS enables the protection of your mainframe resources by making access control decisions through resource managers. Granting access to only authorized users keeps your data safe and secure.

RACF provides security by:

  • identifying and verifying users;
  • authorizing users to access protected resources; and
  • recording and reporting access attempts.
User identification and authentication

RACF authenticates users with a password, password phrase, digital certificate, Kerberos ticket or a PassTicket.

Identifying and verifying users

Authorizes access to protected resources

RACF retains information about your users, resources and access authorities in its database. This database determines access to protected mainframe system resources based on your security policy.

Authorizing users to access protected resources

Logging and reporting

RACF has logging and reporting functions that identify users who attempt to access the resource, either successfully or unsuccessfully. Detection of security exposures or threats is made possible by this feature.

Recording and reporting access attempts

RACF Remote Sharing Facility (RRSF)

Through the RRSF, you have the capability to run most RACF commands on a node and a user ID different from the one you are logged on to.

Directing commands
Resources z/OS Security Server RACF library

Browse through the z/OS Security Server RACF abstract and PDF library.

RACF downloads

Find tools and sample code to help manage your RACF environment.

IBM Redbooks: Security and Policy-Based Networking

See how to use RACF to protect your network and communications.

Next steps

Discover how to protect your mainframe resources with tools that manage and control access to valuable z/OS data. Schedule a no-cost 30-minute meeting with an IBM Z representative.

Read the user guide
More ways to explore Documentation Support IBM Redbooks® Support and services Global financing Flexible pricing Education and training Community Developer community Business Partners Resources