This book provides students of information systems with the background knowledge and skills necessary to begin using the basic security facilities of IBM System z. It enables a broad understanding of both the security principles and the hardware and software components needed to insure that the mainframe resources and environment are secure. It also explains how System z components interface with some non-System z components. A multi-user, multi-application, multi-task environment such as System z requires a different level of security than that typically encountered on a single-user platform. In addition, when a mainframe is connected in a network to other processors, a multi-layered approach to security is recommended. Students are assumed to have successfully completed introductory courses in computer system concepts. Although this course looks into all the operating systems on System z, the main focus is on IBM z/OS. Thus, it is strongly recommended that students have also completed an introductory course on z/OS.

Others who will benefit from this course include experienced data processing professionals who have worked with non-mainframe-based platforms, as well as those who are familiar with some aspects of the mainframe environment or applications but want to learn more about the security and integrity facilities and advantages offered by the mainframe environment.

Part 1. Overview of security fundamentals

Chapter 1. Why do we need security and why use a mainframe?

Chapter 2. The bookstore--a case study

Chapter 3. Security Concepts

Chapter 4. Elements of security

Part 2. Hardware and Networking security

Chapter 5. System z architecture and security

Chapter 6. System z virtualization and its challenges

Chapter 7. Cryptography on System z

Chapter 8. Network Security for System z

Part 3. Securing operating systems on System z

Chapter 9. z/OS System Integrity

Chapter 10. z/OS System Authorization Facility and Security Managers

Chapter 11. Security in z/OS UNIX

Chapter 12. z/OS Communications Security

Chapter 13. Security in z/VM

Chapter 14. Security in Linux on System z

Chapter 15. Security in z/VSE

Chapter 16. Security in z/TPF

Part 4. Security in Middleware and Applications

Chapter 17. Data Management Security

Chapter 18. Transaction security

Chapter 19. Web-based security

Chapter 20. Security for Identity Management

Part 5. Information Security Program and Compliance

Chapter 21. Creating an Information Security Program

Chapter 22. Compliance and Certification

Chapter 23. Operational Information Security Policy and Management

Chapter 24. Security Audits

Appendix A. Security Integrity Models

Appendix B. z/OS UNIX General Resource Classes

Appendix C. The Mainframe Charter