Previous topic |
Next topic |
Contents |
Index |
Contact z/OS |
Library |
PDF
Using RACF to Protect Keys and Services z/OS Cryptographic Services ICSF Administrator's Guide SA22-7521-17 |
|
You can use z/OS Security Server RACF to control which applications can use specific keys and services. This can help you ensure that keys and services are used only by authorized users and jobs. You can also use RACF to audit the use of keys and services. In addition, you can establish a Key Store Policy that defines rules for the use of encrypted key tokens that are stored in a CKDS or PKDS. To use RACF to control access to keys and services, you create and maintain general resource profiles in the CSFKEYS class, the CSFSERV class, and the XFACILIT class.
If you are not the RACF security administrator, you may need to ask assistance from that person. To use the auditing capabilities of RACF, you may need to ask for reports from a RACF auditor. Your installation's security plan should show who is responsible for maintaining these RACF profiles and auditing their use. |
Copyright IBM Corporation 1990, 2014
|