S 4.215 Protection of z/OS utilities that are critical to security

Initiation responsibility: IT Security Officer, Head of IT

Implementation responsibility: Administrator

z/OS systems include utilities for system programmers, RACF administrators, and storage managers that, given the corresponding authorisation, can make fundamental changes to the z/OS system. To use these programs securely, the following recommendations must be taken into account:

Securing security-critical programs

Security-critical utilities must be protected accordingly using the RACF security system (Resource Access Control Facility). Only designated employees may be allowed to use them. The alias names of the programs must be protected as well.
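One way to apply this with RACF program control is sketched below as an added example (it is not part of the original safeguard text). The utility AMASPZAP, its alias IMASPZAP, the library SYS1.LINKLIB, the group SYSPROG and the job card are assumptions for illustration; substitute the programs, aliases and groups of your own installation.

```jcl
//RACFPGM  JOB (ACCT),'PROTECT UTILITY',CLASS=A,MSGCLASS=X
//* Added example: job card, group name and library are assumed values.
//* Step 1: define PROGRAM profiles with UACC(NONE) for the utility
//*         AND for its alias, so the alias cannot be used to bypass
//*         the restriction placed on the primary name.
//* Step 2: permit only the designated group (hypothetical: SYSPROG).
//* Step 3: refresh program control so the profiles take effect.
//* Step 4: list the profiles to verify access list and audit settings.
//TSOBATCH EXEC PGM=IKJEFT01
//SYSTSPRT DD  SYSOUT=*
//SYSTSIN  DD  *
  RDEFINE PROGRAM AMASPZAP UACC(NONE) AUDIT(ALL(READ)) -
    ADDMEM('SYS1.LINKLIB'//NOPADCHK)
  RDEFINE PROGRAM IMASPZAP UACC(NONE) AUDIT(ALL(READ)) -
    ADDMEM('SYS1.LINKLIB'//NOPADCHK)
  PERMIT AMASPZAP CLASS(PROGRAM) ID(SYSPROG) ACCESS(READ)
  PERMIT IMASPZAP CLASS(PROGRAM) ID(SYSPROG) ACCESS(READ)
  SETROPTS WHEN(PROGRAM) REFRESH
  RLIST PROGRAM AMASPZAP ALL
  RLIST PROGRAM IMASPZAP ALL
/*
```

The RLIST output in SYSTSPRT should show UACC NONE and only the designated group on the access list for both the primary name and the alias.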

A selection of security-critical utilities is listed below:

Protecting critical TSO commands

TSO (Time Sharing Option) commands that refer to security-critical programs must be protected accordingly using the TSOKEY00 member (in the z/OS Parmlib) so that only authorised employees are able to use these commands.

Unauthorised installation of security-critical programs

It must be ensured that third-party programs cannot be installed without authorisation. For example, programs that can intervene very deeply in the z/OS system are available on the internet. Many system programmers also have self-written programs that make their work easier but could perform very fundamental changes to the z/OS system. The uncontrolled installation and execution of such programs must be prevented by taking the corresponding safeguards (see safeguards S 4.209 Secure basic configuration of z/OS systems and S 4.211 Use of the z/OS security system RACF). If such programs are nevertheless required, they must only be installed on the system using the official installation process.

Review questions: