Misplaced Pages

ACF2

Article snapshot taken from Wikipedia with creative commons attribution-sharealike license. Give it a read and then ask your questions in the chat. We can research this topic together.

ACF2 (Access Control Facility 2) is a commercial , discretionary access control software security system developed for the MVS (z/OS today), VSE (z/VSE today) and VM (z/VM today) IBM mainframe operating systems by SKK, Inc. Barry Schrager, Eberhard Klemens, and Scott Krueger combined to develop ACF2 at London Life Insurance in London, Ontario in 1978. The "2" was added to the ACF2 name by Cambridge Systems (who had the North American marketing rights for the product) to differentiate it from the prototype, which was developed by Schrager and Klemens at the University of Illinois β€”the prototype name was ACF. The "2" also helped to distinguish the product from IBM 's ACF/VTAM .

#705294

7-440: ACF2 was developed in response to IBM's RACF product (developed in 1976), which was IBM's answer to the 1974 SHARE Security and Data Management project's requirement whitepaper. ACF2's design was guided by these requirements, taking a resource-rule oriented approach. Unique to ACF2 were the concepts of "Protection by Default" and resource pattern masking. As a result of the competitive tension between RACF and ACF2, IBM matured

14-413: Is a stub . You can help Misplaced Pages by expanding it . This operating-system -related article is a stub . You can help Misplaced Pages by expanding it . RACF RACF [pronounced Rack-Eff], short for R esource A ccess C ontrol F acility, is an IBM software product. It is a security system that provides access control and auditing functionality for the z/OS and z/VM operating systems . RACF

21-511: Is a reluctant concession to promote interoperability with other systems, such as Unix and Linux . The underlying zSeries (now IBM Z ) hardware works closely with RACF. For example, digital certificates are protected within tamper-proof cryptographic processors . Major mainframe subsystems, especially Db2 , use RACF to provide multi-level security (MLS). Its primary competitors have been ACF2 and TopSecret , both now produced by CA Technologies . This computer security article

28-578: The SAF (Security Access Facility) interface in MVS (now z/OS), which allowed any security product to process operating system ("OS"), third-party software and application security calls, enabling the mainframe to secure all facets of mainframe operations. SKK and ACF2 were sold to UCCEL Corporation in 1986, which in turn was purchased by Computer Associates International, Inc. in 1987. Broadcom Inc. now (2019) markets ACF2 as CA ACF2. This security software article

35-416: The concepts and conventions of how RACF is designed and administered was Mainframe Basics for Security Professionals: Getting Started with RACF by Ori Pomerantz, Barbara Vander Weele, Mark Nelson, and Tim Hahn. RACF has continuously evolved to support such modern security features as digital certificates / public key infrastructure services, LDAP interfaces, and case sensitive IDs/passwords. The latter

42-592: The file (or other object) created at a later time. There is a long established technical support community for RACF based around a LISTSERV operated out of the University of Georgia . The list is called RACF-L which is described as RACF Discussion List . The email address of the listserv is RACF-L@LISTSERV.UGA.EDU and can also be viewed via a webportal at https://listserv.uga.edu/scripts/wa-UGA.exe . The first text book published (first printing December 2007) aimed at giving security professionals an introduction to

49-409: Was introduced in 1976. Originally called RACF it was renamed to z/OS Security Server ( RACF ), although most mainframe folks still refer to it as RACF. Its main features are: RACF establishes security policies rather than just permission records. It can set permissions for file patterns—that is, set the permissions even for files that do not yet exist. Those permissions are then used for

#705294