Keep your z/OS data safe from unauthorized access with RACF

IBM Resource Access Control Facility (RACF®) for z/OS® enables the protection of your mainframe resources by making access control decisions through resource managers. Granting access to only authorized users keeps your data safe and secure.


Identifies and authenticates users

RACF authenticates users with either a password, password phrase, digital certificate, Kerberos ticket, or a PassTicket.

Authorizes access to protected resources

RACF retains information about your users, resources and access authorities in its database. This database determines access to protected mainframe system resources based on your security policy.

Logging and reporting

RACF has logging and reporting functions that identify users who attempt to access the resource, either successfully or unsuccessfully, allowing you to detect possible security exposures or threats.

How RACF protects your z/OS data

  • User identification and authentication
  • Decentralized security administration
  • Discretionary and mandatory access controls
  • Logging to the systems management facility (SMF)
  • Support for auditing and reviewing security environment
  • RACF Remote Sharing Facility (RRSF)