OS/390-z/OS Security, Audit and Control Features

OS/390-z/OS Security, Audit and Control Features PDF

Author:

Publisher: It Governance Institute

Published: 2004

Total Pages: 543

ISBN-13: 9781893209398

DOWNLOAD EBOOK →

The IBM large-scale mainframe system software, although one of the most stable and certainly the most long-lived of such systems, undergoes constant change and continuous updates. It was known as MVS for many years, until recently it was OS/390 and now is z/OS. The need for security and audit professionals to update their knowledge to correspond to the current hardware and software levels is more pronounced than ever before. This publication deals with those concepts, components and functions of OS/390 and z/OS that are deemed to be of primary relevance in terms of the security and audit issues. The publication provides a detailed focus on issues such as: * Business drivers and technology considerations * System initialization, security functions, audit tools and methods * Detailed descriptions of new components and functions * Recently added functions, mainly those that permit the use of the Internet, and UNIX functions in the OS/390 environment * Detailed table listings and suggested approaches for testing * The suggested framework for properly controlled and successful implementation * An Internal control questionnaire and detailed audit program. Call +1.847.253.1545 ext. 401, visit www.isaca.org/bookstore or e-mail [email protected] for more information.

IBM z/OS Mainframe Security and Audit Management Using the IBM Security zSecure Suite

IBM z/OS Mainframe Security and Audit Management Using the IBM Security zSecure Suite PDF

Author: Axel Buecker

Publisher: IBM Redbooks

Published: 2011-08-18

Total Pages: 494

ISBN-13: 0738435880

DOWNLOAD EBOOK →

Every organization has a core set of mission-critical data that must be protected. Security lapses and failures are not simply disruptions—they can be catastrophic events, and the consequences can be felt across the entire organization. As a result, security administrators face serious challenges in protecting the company's sensitive data. IT staff are challenged to provide detailed audit and controls documentation at a time when they are already facing increasing demands on their time, due to events such as mergers, reorganizations, and other changes. Many organizations do not have enough experienced mainframe security administrators to meet these objectives, and expanding employee skillsets with low-level mainframe security technologies can be time-consuming. The IBM® Security zSecure suite consists of multiple components designed to help you administer your mainframe security server, monitor for threats, audit usage and configurations, and enforce policy compliance. Administration, provisioning, and management components can significantly reduce administration, contributing to improved productivity, faster response time, and reduced training time needed for new administrators. This IBM Redbooks® publication is a valuable resource for security officers, administrators, and architects who wish to better understand their mainframe security solutions.

Linux

Linux PDF

Author: K. K. Mookhey

Publisher: ISACA

Published: 2005

Total Pages: 168

ISBN-13: 1893209784

DOWNLOAD EBOOK →

This document, which focuses on the Linux security issues for one of the more popular versions of Linux, Red Hat version 9/Fedora, provides a standard reference for Linux security controls and their audit for security administrators, security professionals and information systems auditors. It provides the following guidance to IT management: * The business and technology drivers for Linux * The vulnerabilities of the Linux operating system * Risk management issues with an action-oriented perspective * Linux security software * How to secure Linux installations to fulfill the control objectives of two well-known standards-COBIT and ISO 17799 * Detailed internal control questionnaires. Call +1.847.253.1545 ext. 401, visit www.isaca.org/bookstore or e-mail [email protected] for more information.

Exploring IBM EServer ZSeries and S/390 Servers

Exploring IBM EServer ZSeries and S/390 Servers PDF

Author: Jim Hoskins

Publisher: Maximum Press

Published: 2003

Total Pages: 468

ISBN-13: 9781885068910

DOWNLOAD EBOOK →

Considered the bible of the IBM zSeries and S/390 world, this new edition closely examines the role large computers will play in the new century. All the new hardware models and operating system products—Linux, VSE, MVS, VM, AIX, and Open Edition—are now available for the zSeries and are fully explained, as are critical business issues such as cost justification, lease versus purchase, support, security, and maintenance. Hypothetical small, medium, and large businesses are described and then outfitted with the appropriate zSeries solution. This replaces 1885068700.

IBM Z/OS Mainframe Security and Audit Management Using the IBM Security ZSecure Suite

IBM Z/OS Mainframe Security and Audit Management Using the IBM Security ZSecure Suite PDF

Author: Axel Buecker

Publisher:

Published: 2011

Total Pages: 494

ISBN-13:

DOWNLOAD EBOOK →

Every organization has a core set of mission-critical data that must be protected. Security lapses and failures are not simply disruptions--they can be catastrophic events, and the consequences can be felt across the entire organization. As a result, security administrators face serious challenges in protecting the company's sensitive data. IT staff are challenged to provide detailed audit and controls documentation at a time when they are already facing increasing demands on their time, due to events such as mergers, reorganizations, and other changes. Many organizations do not have enough experienced mainframe security administrators to meet these objectives, and expanding employee skillsets with low-level mainframe security technologies can be time-consuming. The IBM® Security zSecure suite consists of multiple components designed to help you administer your mainframe security server, monitor for threats, audit usage and configurations, and enforce policy compliance. Administration, provisioning, and management components can significantly reduce administration, contributing to improved productivity, faster response time, and reduced training time needed for new administrators. This IBM Redbooks® publication is a valuable resource for security officers, administrators, and architects who wish to better understand their mainframe security solutions.

Empowering Security and Compliance Management for the z/OS RACF Environment using IBM Tivoli Security Management for z/OS

Empowering Security and Compliance Management for the z/OS RACF Environment using IBM Tivoli Security Management for z/OS PDF

Author: Axel Buecker

Publisher: IBM Redbooks

Published: 2010-08-12

Total Pages: 52

ISBN-13: 0738450200

DOWNLOAD EBOOK →

Every organization has a core set of mission-critical data that requires protection. Security lapses and failures are not simply disruptions, they can be catastrophic events with consequences felt across the enterprise. The inadvertent mistakes of privileged users alone can result in millions of dollars in damages through unintentional configuration errors and careless security commands. Malicious users with authorized access can cause even greater damage. As a result, security management faces a serious challenge to adequately protect a company's sensitive data. Likewise, IT staff is challenged to provide detailed audit and controls documentation in the face of increasing demands on their time. Automation and simplification of security and compliance processes can help you meet these challenges and establish effective, sustainable user administration and audit solutions. This includes security database cleanup, repeatable audit of configurations and settings, and active monitoring of changes and events. IBM Tivoli Security Management for z/OS V1.11 provides these solutions to help enhance the security of mainframe systems through automated audit and administration. In this IBM® RedpaperTM document we discuss how Tivoli® Security Management for z/OS® allows you to submit mainframe security information from z/OS, RACF®, and DB2® into an enterprise audit and compliance solution and how to combine mainframe data from z/OS, RACF, and DB2 with that from other operating systems, applications, and databases in order to provide the ability to capture comprehensive log data, interpret that data through sophisticated log analysis, and communicate results in an efficient, streamlined manner for full enterprise-wide audit and compliance reporting.

Security Functions of IBM DB2 10 for z/OS

Security Functions of IBM DB2 10 for z/OS PDF

Author: Paolo Bruni

Publisher: IBM Redbooks

Published: 2011-09-14

Total Pages: 456

ISBN-13: 0738436038

DOWNLOAD EBOOK →

IBM® DB2® 9 and 10 for z/OS® have added functions in the areas of security, regulatory compliance, and audit capability that provide solutions for the most compelling requirements. DB2 10 enhances the DB2 9 role-based security with additional administrative and other finer-grained authorities and privileges. This authority granularity helps separate administration and data access that provide only the minimum appropriate authority. The authority profiles provide better separation of duties while limiting or eliminating blanket authority over all aspects of a table and its data. In addition, DB2 10 provides a set of criteria for auditing for the possible abuse and overlapping of authorities within a system. In DB2 10, improvements to security and regulatory compliance focus on data retention and protecting sensitive data from privileged users and administrators. Improvements also help to separate security administration from database administration. DB2 10 also lets administrators enable security on a particular column or particular row in the database complementing the privilege model. This IBM Redbooks® publication provides a detailed description of DB2 10 security functions from the implementation and usage point of view. It is intended to be used by database, audit, and security administrators.

Introduction to the New Mainframe: Security

Introduction to the New Mainframe: Security PDF

Author: Rica Weller

Publisher: IBM Redbooks

Published: 2007-04-26

Total Pages: 550

ISBN-13: 0738489646

DOWNLOAD EBOOK →

This book provides students of information systems with the background knowledge and skills necessary to begin using the basic security facilities of IBM System z. It enables a broad understanding of both the security principles and the hardware and software components needed to insure that the mainframe resources and environment are secure. It also explains how System z components interface with some non-System z components. A multi-user, multi-application, multi-task environment such as System z requires a different level of security than that typically encountered on a single-user platform. In addition, when a mainframe is connected in a network to other processors, a multi-layered approach to security is recommended. Students are assumed to have successfully completed introductory courses in computer system concepts. Although this course looks into all the operating systems on System z, the main focus is on IBM z/OS. Thus, it is strongly recommended that students have also completed an introductory course on z/OS. Others who will benefit from this course include experienced data processing professionals who have worked with non-mainframe-based platforms, as well as those who are familiar with some aspects of the mainframe environment or applications but want to learn more about the security and integrity facilities and advantages offered by the mainframe environment.

Reduce Risk and Improve Security on IBM Mainframes: Volume 2 Mainframe Communication and Networking Security

Reduce Risk and Improve Security on IBM Mainframes: Volume 2 Mainframe Communication and Networking Security PDF

Author: Axel Buecker

Publisher: IBM Redbooks

Published: 2015-09-25

Total Pages: 188

ISBN-13: 0738440949

DOWNLOAD EBOOK →

This IBM® Redbooks® publication documents the strength and value of the IBM security strategy with IBM z Systems hardware and software (referred to in this book by the previous product name, IBM System z®). In an age of increasing security consciousness and more dangerous and advanced persistent threats, System z provides the capabilities to address today's business security challenges. This book explores how System z hardware is designed to provide integrity, process isolation, and cryptographic capability to help address security requirements. We highlight the features of IBM z/OS® and other operating systems that offer a variety of customizable security elements. We also describe z/OS and other operating systems and additional software that use the building blocks of System z hardware to meet business security needs. We explore these from the perspective of an enterprise security architect and how a modern mainframe must fit into an enterprise security architecture. This book is part of a three-volume series that focuses on guiding principles for optimized mainframe security configuration within a holistic enterprise security architecture. The intended audience includes enterprise security architects, planners, and managers who are interested in exploring how the security design and features of the System z platform, the z/OS operating system, and associated software address current issues, such as data encryption, authentication, authorization, network security, auditing, ease of security administration, and monitoring.

Lanterna Rally - Theme by Grace Themes