Reading Room

Mainframes

Featuring 4 Papers as of June 30, 2005

• An Introduction to Implementing Object-Level Security in IBM OS/400 with Comparisons to Windows and Unix Permissions by Jeff Gardner - June 30, 2005 

  The integrated object-level security of OS/400, IBM's midrange object-based operating system, provides the ability to grant fine-grained authority for individual objects to users or groups of users. Security administrators need to understand how to implement OS/400's object-level security simply in its various file systems to allow them to correctly configure the proper access control for the AS/400.

  •  Overview
  •  Download

• ---

• Mainframe Security featuring CA - Top Secret by Chad Barker - February 20, 2002 

  This document will provide an overview of the current (2002) status of mainframe security and a detailed understanding of the CA-Top Secret mainframe security product. It will also provide an overview for using Top Secret and an in-depth guide for auditing and reviewing Top Secret security.

  •  Overview
  •  Download

• ---

• Perimeter Defense-in-Depth: Using Reverse Proxies and other tools to protect our internal assets by Lynda Morrison - February 18, 2002 

  The use of a reverse proxy server to provide defense-in-depth security will be discussed in this paper as a practical security solution for protecting our internal assets.

  •  Overview
  •  Download

• ---

• A Return to Legacy Security by Christopher Abramson - July 27, 2001 

  This paper examines three mainframe security systems (Computer Associates' ACF2 (Access Control Facility, Computer Associates' Top Secret, and IBM's RACF (Resource Access Control Facility) to relate how they can be used as security servers for multiple operating system environments.

  •  Overview
  •  Download

• ---

STI Graduate Student Research - This paper was created by a SANS Technology Institute student as part of the graduate program curriculum.