You can use RACF® to control
access to:
- The system. You can require that all users, including TSO users, MVS™ system operators, and JES system
operators (except operators on locally attached JES3 consoles), log
on and supply a password or password phrase when logging on or submitting
batch jobs. You can also require that all users supply a security
label when logging on or submitting batch jobs.
- Many subsystems and applications, including:
- JES, including job names, JES commands, consoles, JES input devices,
spool, writers (printers) and others
- TSO
- IMS™
- CICS®
- Storage Management Subsystem (SMS)
- DB2®
- VTAM®
- APPC sessions
- Terminals
- MVS and JES consoles
- Data, including:
- Catalogs
- DASD and tape data sets
- DASD and tape volumes
- SYSIN and SYSOUT data on the JES spool
- Message traffic
- Load modules (programs) for execution only, or copying as well
- IMS/CICS transactions
- CICS files, journals, and
so forth
- Installation-defined resources
- APPC transactions and other resources
For more information, see Protecting general resources.