KOIRUG was created in 2003 to serve
the professional education needs of the RACF community in Kentucky,
Ohio, and Indiana. We typically hold full-day meetings twice a year. KOIRUG usually meets
in the Cincinnati area.
Points of Contact:
Barb Rhoads, Cincinnati
Humphries, American Modern Insurance Group
Hansel, RSH Consulting, Inc.
Tuesday, May 2,
** Sponsored by
Key Resources **
Cincinnati Financial Corporation
Gilmore Rd., Fairfield, Ohio 45014
a.m. - 3:30 p.m.
(Registration begins at 8:30 a.m.)
Closing the Integrity Gap for
Overby, Key Resources
Julie Bergh, IBM
S. Hansel, RSH Consulting
Program control is often
perceived as one of the more complex and arcane functional
areas of RACF. While the controls are a bit different than
standard RACF profile processing, in many ways, they are
directly analogous to what you already know. Where they are
not (for example, the need to keep certain environments
"clean"), the concepts behind them are, in fact, relatively
straightforward. We hope that with a solid understanding of
the underlying security issues, the day-to-day administration
and maintenance of your environment will become more
Closing the Integrity Gap for
You can spend hundreds of
thousands of dollars securing the applications that serve up
the data, but it won’t do you any good if you don’t maintain
the integrity of the operating system. Vendors and research
analysts will tell you that your number one priority is to
secure your applications. There is even a “practical handbook
for selecting application security tools and vendors”. Has
anyone told you that all it takes is one zero day
vulnerability in the z/OS operating system layer to bypass
everything you have done and are doing to secure your data?
Learn what a Severe Security Code Vulnerability is and why
these can compromise your system. See a demo’s of several
exploits from recent audits.
z/OSMF provides a web-based
interface that allows you to manage various aspects of your
z/OS systems through a browser at any time, from any location.
One asks, ok, what does that have to do with security. Well,
using z/OSMF requires sufficient authority in z/OS.
Specifically, on the z/OS system to be managed, the resources
to be accessed on behalf of z/OSMF users (data sets, operator
commands, and so on) are secured through RACF. This session
will describe user experiences on setting up z/OSMF with a
focus on the security requirements.
Permission to certain UNIXPRIV
class profiles can provide users with the ability to perform
specific Superuser functions without requiring full Superuser
authority. Other UNIXPRIV profiles influence RACF's decision
as whether a user is allowed to access a file or directory.
This presentation will introduce you to all the UNIXPRIV
profiles and discuss how to make best use of them.
Bruce Wells is a senior software engineer for the RACF design
and development group in Poughkeepsie, New York. He has
extensive experience in both the z/OS and z/VM versions of the
product, and has worked on various projects spanning other
security components such as LDAP, ICSF, and System SSL. Bruce
has been working in the RACF area for the past 25 years.
Ray Overby, Key Resources
Julie is IBM’s Lead World Wide z Systems Security Champion,
has worked for IBM for the past 15 years and has many more
years prior to that in the private sector. Julie is a
certified IT specialist and has a Master’s Degree in
Information Systems management. Prior to joining IBM, Julie
worked at a variety of large companies (e. g., GMAC,
MasterCard) where her roles ranged from programming and system
programming to IT Internal Auditing and IT Management. In
recent years, Julie’s efforts have been related to z System
Security Migrations and Security Product Technical Sales, and
as a result has broad experience engaging all levels of the
customer organization from the C-Suite, to Security Management
and to front line Security Analysts. Julie has experience in
both customer and provider aspects of IBM’s z Systems
Security, and possesses deep skills in z/OS, RACF, ACF2 and
Top Secret administration.
Hansel, RSH Consulting
Robert S. Hansel is Lead RACF Specialist and founder of RSH
Consulting, Inc., a firm he established in 1992 and dedicated
to helping clients strengthen their IBM z/OS mainframe access
controls by fully exploiting all the capabilities and latest
innovations in RACF. He has worked with IBM mainframes since
1976 and in information systems security since 1981. Mr.
Hansel began working with RACF in 1986 and has been a RACF
administrator, manager, auditor, instructor, developer, and
consultant. He has reviewed, implemented, and enhanced RACF
controls for major insurance firms, financial institutions,
utilities, payment card processors, universities, hospitals,
and international retailers. Mr. Hansel is especially skilled
at redesigning and refining large-scale implementations of
RACF using role-based access control concepts. He has also
created elaborate automated tools to assist clients with RACF
administration, database merging, identity management, and
Contact Barb Rhoads
- Phone: 513-870-2000
Registration is requested to ensure sufficient refreshments
and handouts are available.
Cincinnati Financial is located on S. Gilmore a short distance
north of the I-275 Cincinnati Beltway at Exit 39. Look for
Forrest Park Exit North (Cincinnati Mills mall (Bass Pro
Shop)). Cincinnati Financial is approximately one block north
of the shopping mall on the right.
more information to get to the Cincinnati Financial. (This
link takes you right to the site map.)
Park in the Visitor's parking in
the front of the building. If no visitor spots are available,
you may use the parking in the rear of the building.
See the receptionist in the main lobby upon entry to the building
to sign in. If you enter at either of
the rear entrances, you will be escorted to the main lobby.
From the main lobby, you will be escorted to the meeting
For questions related to the
meeting location, contact Barb Rhoads
- Phone: 513-870-2000
the immediate vicinity of Cincinnati Financial:
Suites - 513-825-9035
SpringHill Suites Cincinnati North
Forest Park - 513-551-5028
Past Meetings Agendas:
Dates, sponsors, topics, and speakers
from our past meetings.