
 

Fall Education Seminar

How to Audit z/OS with MVS, RACF, ACF2, and CICS
November 2-3, 2009

   
Overview:

This comprehensive class in mainframe auditing shows you how to audit the MVS operating system and some of the key software associated with it, including the RACF and ACF2 security software (Top Secret users will benefit from the RACF description), and the CICS transaction manager. These are all essential components of a z/OS system.

When:

November 2 - 3, 2009

Time:

8:00am - 4:30am

Where:

Hampton Inn Minneapolis/Bloomington
4201 American Blvd. W
Bloomington, MN 55437
(952) 835-6643

Cost:

ISACA Members - $400
Non-Members - $500


MN ISACA now accepts VISA and MasterCard payments

15 CPEs

This class shows you how the mainframe software works, how its security works, and how to audit it. It explains the three hardware controls which form the basis of all MVS security, how MVS uses the hardware controls, and why IBM gave us backdoors to these controls. You will learn how security software such as RACF, ACF2, and TopSecret works, and how it depends upon effective MVS security. You will learn how CICS works and how it relies on both MVS security and security software. You will learn a systematic approach to auditing all this, and to making practical recommendations for improving security for z/OS, including MVS and its associated system software.

You will learn:

  • How MVS security works and why there are backdoors
  • How the hardware controls work, what backdoors exist, and how to find them
  • How RACF and ACF2 work and how they fit the MVS security model
  • How CICS works and how it uses tools like RACF and ACF2 for its security
  • How DB2 works and how its security works
  • What data to collect and how to interpret it
  • How to conduct the audit, from planning and scoping through follow-up
  • What all the related buzzwords and acronyms mean
  • How to conduct mainframe audits rapidly and efficiently, with maximum benefit to your organization

I. Concepts and Keywords

A. Introduction

  • What is MVS?
  • What is RACF?
  • What is ACF2?
  • What is TopSecret (TSS)?
  • What is CICS?
  • What is DB2?
  • A Working Example
  • Audit Rules

B. How MVS Security Works With Security Software

II. Action Plan

A. MVS Security

A1. How MVS Security Works

  • Hardware Controls
  • Backdoors

A2. How to Audit MVS Security

  • MVS REFERENCE: SYS1.PARMLIB

B. RACF Security

B1. How RACF Security Works

B2. How to Audit RACF Security

a. Access to the System

b. Access to Data

c. Access to Resources

d. Authority to Change Rules

e. Separation of Authority

 

C. ACF2 Security

C1. How ACF2 Security Works

C2. How to Audit ACF2 Security

D. CICS Security

D1. How CICS Security Works

D2. How to Audit CICS Security

E. Wrap-up, Working Papers, and Follow-Up

III. Forms and Reference

A. Basic Security Model

B. Forms to Summarize MVS Images

C. SMF Data

D. DSNZPARM

E. DSN3@ATH AND DSN3@SGN

F. DB2 AUTHORIZATION TABLES

G. SMF Data and the RACFRW

H. RACF Database Unload Utility Guide

I. RACF Audit Checklist

J. RACF SETR LIST Guide

K. RACF DSMON Guide

Audience: This seminar is designed for senior Financial, Operations & IT Auditors.
Prerequisites: A basic understanding of general IT concepts.
About the Speaker:

Presented by Mr. Stu Henderson
Mr. Henderson is an experienced consultant who specializes in effective computer security for IBM mainframes and Windows. He has helped hundreds of organizations make better use of security software such as RACF, ACF2, and TopSecret. He has conducted MVS security reviews for numerous commercial and government organizations. He communicates effectively with all levels of staff, from computer operator to executive management. He has over twenty-five years of hands-on experience as a system programmer, Data Security Officer, and consultant, culminating in his founding his own consulting organization, the Henderson Group.

Since 1990, he has directed his own firm, the Henderson Group, which provides computer security consulting and training in a variety of technical areas, including: MVS, OS/390, z/OS and Windows/NT/2000 security reviews, implementation assistance to users of RACF, ACF2, and TopSecret, and assistance to audit departments conducting MVS and Windows security audits. His seminars are taught nationwide and his website (www.stuhenderson.com) shares a wealth of information about information security and auditing, including the “Mainframe Audit News”, the “RACF User News”, links to other sites, articles, and seminar descriptions.

Audience: This seminar is targeted towards mid to senior level auditors and Information Technology personnel.
Prerequisites: A basic understanding of concepts.
Chapter Contact: Jordan Serre
VP Education, Minnesota ISACA
   

Registration Instructions

Step 1:

Click Here to download the Registration Form

Step 2:

Complete the Registration Form

Step 3:

Submit by Email, or print and mail the completed form to our chapter office by Thursday, October 15, 2009

 

Fax Number:

651-290-2266

 

Email Address:

Tiffany Swenson

 

Postal Address:

MN ISACA
1000 Westgate Dr, Ste 252
St. Paul, MN 55114

Step 4:

Wait for your registration confirmation. Registration confirmations will be done by phone or by Email within 48 hours.

Registration Questions:

Please contact Tiffany Swenson at tiffanys@ewald.com or by phone (651) 290-6283.

Cancellation Policy:

http://www.mnisaca.org/cancel.htm