|
Name |
SRR Review Procedures, OS/390 RACF Checklist, v5 Release
2.3
|
|
Version |
Version 5, Release 2.3
|
|
Status |
Final
|
| Creation
Date |
Date unknown.
|
| Revision
Date |
2007-05-30
|
| Product
Category |
Operating System
|
| Vendor |
IBM
|
| Product |
IBM OS/390 Resource Access Control Facility (RACF) Security
component
|
| Product
Version |
IBM OS/390 Resource Access Control Facility (RACF) Security
component
|
| Product
Role |
Server
|
|
Checklist
Summary |
This SRR Review Procedures, OS/390 Resource Access Control
Facility (RACF) document provides the procedures
for conducting a Security Readiness Review
(SRR) to determine compliance with the requirements
in the OS/390 Security Technical Implementation
Guides (STIG). This checklist must be used
together with the corresponding version of
the STIG document. This SRR guide focuses
strictly on the IBM OS/390 operating system
(OS) and how the RACF security component interacts
with the operating system. Additionally, this
checklist ensures the site has properly installed
and implemented the RACF component for the
IBM OS/390 OS and that it is being managed
in a way that is secure, efficient, and effective,
through procedures outlined in the checklist.
The items reviewed are based on standards
and requirements published by DISA in the
OS/390 Security Technical Implementation Guide.
|
| Known
Issues |
Not Available.
|
| Target
Audience |
Developped for the DOD.
This checklist has been created for IT professionals,
particularly operating system administrators
with a background in the IBM OS/390 OS, as
well as information security personnel. The
document assumes that the reader has experience
installing and administering the IBM OS/390-based
systems in domain or standalone configurations.
|
| Target
Operational Environment |
Enterprise and Specialized
Security-Limited Functionality.
|
| Checklist
Installation Tools |
The scripts need to be unzipped (Windows) or untarred/uncompressed
(Unix) and/or copied to the host system (Windows,
Unix copy commands).
|
| Rollback
Capability |
The scripts create temporary files. These files are removed
at the completion of the script.
|
| Testing
Information |
Not Available.
|
| NIAP/CMVP
Status |
Not Available.
|
| Regulatory
Compliance |
DOD Directive 8500.
|
Comments,
Warnings, Disclaimer, Miscellaneous
|
Please refer to the Checklist or the README.txt files provided
with the scripts for any comments, warnings,
or detailed instructions.
|
| Disclaimer |
Not Available.
|
| Product
Support |
It should be noted that FSO Support for the STIGs, Checklists,
and Tools is only available to DOD Customers.
|
| Submitting
Organization/Authors |
Defense Information Systems Agency
|
| Point
of Contact |
Not Available.
|
| Sponsor |
Not Available.
|
| Licensing |
Not Available.
|
| Checklist
Homepage |
http://iase.disa.mil/stigs/checklist/index.html
|
| Download
Package |
http://iase.disa.mil/stigs/checklist/
RACF-checklist-V5R23.doc
|
| Integrity |
SHA1 Digest (RACF-checklist-V5R23.doc) =
71ebcdf6d5041266f1a79e77c19d68432acbd99e
SHA256 Digest (RACF-checklist-V5R23.doc) =
9811e13c98fdb5ffc460e7e8709a3040720ea2b5adf
71b96186c56f01ed8861b
|
| Change
History |
Version
4, Release 1.3, 2004-02
Version 4, Release 1.4, 2004-10
Version 4, Release 1.5, 2005-07
Version 5, Release 1.1, 2006-04
Version 5, Release 2.1, 2006-11
Version 5, Release 2.2, 2007-03-23
Version 5, Release 2.3, 2007-05-30
|
| Dependency/Requirement |
OS/390 v5r1 STIG Volume 1, 2005-01-21
OS/390 v5r1 STIG Volume 2, 2005-01-21
|
| References |
Not Available.
|
| NIST
Identifier |
1071
|
