z/OS 1.6 Security Services Update
An IBM Redbooks publication
Note: This is publication is now archived. For reference only.
This IBM Redbooks publication describes the z/OS Security Services provided by z/OS as of z/OS 1.6.
As this is a vast subject and some of these services have already been addressed by other redbooks, usually in the OS/390–z/OS 1.2 time frame, we concentrate on new services or services that have gone under a noticeable evolution since they were described in previous redbooks, and we provide simple examples of utilization.
The first chapter is a summary of all Security Services available in z/OS 1.6 today.
This book addresses the enhancements in RACF Security Services in the domains of the Unix Security Services, the digital certificate handlings, and the more traditional Program Access to Data Sets (PADS) function, which have all been enhanced to better match the eBusiness needs in terms of compliance with standards and improved security. Note that RACF Multilevel Security (MLS) is also introduced in this book, with a practical example of its application to TCP/IP Security.
Chapter 1. Overview of z/OS Security Services
Chapter 2. RACF Security Server enhancements
Chapter 3. Multilevel Security and RACF
Chapter 4. MLS as applied to TCP/IP communications
Chapter 5. z/OS Integrated Security Services LDAP
Chapter 6. RACF Password Enveloping and z/OS LDAP Change Log
Chapter 7. z/OS Enterprise Identity Mapping (EIM) in a nutshell
Chapter 8. z/OS Network Authentication Service (Kerberos)
Chapter 9. z/OS System SSL
Chapter 10. z/OS OpenSSH
Appendix A. EIM API demo sample code
Appendix B. Sample test programs for PADS enhancements and RACF Password Enveloping