Using RACF with CICS


This course describes and explains how RACF is implemented within a CICS environment, essential knowledge for all security administrators and technician working with RACF in a CICS/System Z environment.

The course (designed, written and presented by specialist RACF consultants) provides a detailed insight into the CICS-RACF Interface.

This course is also available for exclusive one-company presentations, live over the Internet, via RSM's Virtual Classroom Environment service.

Virtual Classroom Environment dates - click to book!

UK Start Times

2 April 2024 8 July 2024

 

USA/Canada Start Times

15 April 2024

What is a 'Virtual Classroom Environment'?

 

What do I need?

  • webcam
  • headphones with microphone
  • sufficient bandwidth, at least 1.5 Mb/s in each direction.

What you will learn

On successful completion of this course you will be able to:

  • describe the necessary requirements to implement a secure RACF CICS environment
  • administrate RACF to protect CICS regions and their User ids
  • define RACF General Resource Profiles to protect CICS transactions, resources and internal CICS commands
  • amend CICS system parameters to invoke RACF security
  • understanding the implications using CICS prefixes
  • take advantage of the RACF Class Descriptor Table or the new RACF CDT class to create new CICS regions
  • describe how CICS and Db2 security work together.

Who Should Attend

The course is suitable for all Security Administrators and Systems Programmers responsible for CICS.

Prerequisites

Attendees should have a clear understanding of z/OS at a conceptual level and have an understanding of RACF that can be gained by attending the course RACF Administration & auditing. A familiarity with CICS and a knowledge of TSO/ISPF and JCL is also required.

Duration

2 days

Fee (per attendee)

£1200 (ex VAT)

 

This includes free online 24/7 access to course notes.

 

Hard copy course notes are available on request from rsmshop@rsm.co.uk

at £50.00 plus carriage per set.

Course Code

RACS

Contents

CICS Overview

The CICS family; Today's CICS; Product Identifiers; What is CICS?; Terminology; CICS tables; What is a Business Transaction?; What is a CICS task /CICS transaction?; What is a CICS program?; CICS characteristics; On-line processing; IBM CICS Transaction Server for z/OS; Workload management; Access to CICS; Accessing CICS from the Web; CICS Web Support (CWS); CICS Web Services; CICS Web Services support; The IBM client family; IBM CICS Transaction Gateway, Version 7.0; XML support; CICS organisation; Application services; Principal Domains/Management modules; CICS resource definitions; RDO overview; RDO components; The CICS System Definition File; The CICS Global Catalog; Available documentation (RACF related).

RACF Review

What is required of a security system?; IBM's Resource Access Control Facility (RACF); Main RACF/MVS components; How does RACF work?; RACF Profiles; User Profiles; Group Profiles; Resource Profiles; RACF classes; Always present; IBM-supplied general resource classes; Controlling access; Allowing access; RACF commands.

CICS & RACF

The CICS-RACF interface; The role of CICS in security control; Region-wide requirements; Interface implementation; CICS-RACF interfaces.

CICS & RACF in a Single CICS Region

CICS & RACF in a single CICS region; CICS region userid; Creating the CICS region userids; CICS default userid; Access requirements.

CICS & RACF in MRO Environments

Overview; Types of connections; Intercommunication security; BIND security; Link security; User security.

Setting up CICS RACF Security

CICS SIT parameters; SEC; SIT parameters: typical configuration; Protect the CICS region; User access from a terminal; User Signon; Controlling Userid propagation; PROPCNTL; SURROGAT; RACF Classes for CICS; Member or grouping class?; Member class profiles; Grouping class profiles; How RACF merges profiles; Who has access to STOH?; IBM-supplied grouping profiles; Additional transactions; Securing CSD transactions; Setting up CICS RACF security.

Problem Determination

Problems?; Messages; SMF records; Information Startup; CICS region job log.

Questions?


© RSM Technology 2022