Table Of ContentFront cover
ABCs of IBM z/OS
System Programming
Volume 6
Security on z/OS
RACF and SAF
Cryptography
Karan Singh
Rui Feio
Oerjan Lundgren
Bob McCormack
Rita Pleus
Paul Rogers
ibm.com/redbooks
International Technical Support Organization
ABCs of IBM z/OS System Programming Volume 6
August 2014
SG24-6986-01
Note: Before using this information and the product it supports, read the information in “Notices” on
pagevii.
Second Edition (August 2014)
This edition applies to Version 1, Release 7 of z/OS (5694-A01), Version 1 Release 7 of z/OS.e (5655-G52),
and to all subsequent releases and modifications until otherwise indicated in new editions.
© Copyright International Business Machines Corporation 2008, 2014. All rights reserved.
Note to U.S. Government Users Restricted Rights -- Use, duplication or disclosure restricted by GSA ADP Schedule
Contract with IBM Corp.
Contents
Notices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .vii
Trademarks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viii
Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix
Authors. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix
Now you can become a published author, too! . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .x
Comments welcome. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xi
Stay connected to IBM Redbooks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xi
Chapter 1. Introduction to IBM z/OS security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
1.1 z/OS basic security facilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
1.2 z/OS Security Server components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
1.3 Integrated Security Services. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
1.4 Cryptographic Services. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
1.5 Security Level 3. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
1.6 IBM Tivoli Directory Server for z/OS. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Chapter 2. System Authorization Facility. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
2.1 SAF overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
2.2 SAF in detail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Chapter 3. IBM z/OS Security Server RACF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
3.1 What is RACF?. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
3.2 RACF functions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
3.3 RACF ISPF panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
3.4 RACF profiles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
3.5 RACF commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
3.6 User authentication. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
3.7 Resource managers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
3.8 RACF classes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
3.9 Security administration with RACF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
3.10 RACF user identification and verification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
3.11 RACF user profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
3.12 RACF user attributes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
3.13 RACF user segments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
3.14 RACF user ID and password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
3.15 Adding a new user to RACF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
3.16 Reset a user password. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
3.17 Alter a user ID. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
3.18 Change a user password interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
3.19 Delete a user ID . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
3.20 User-related RACF commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
3.21 RACF groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
3.22 RACF group structure example. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
3.23 RACF group-related commands: Add a group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
3.24 RACF group-related commands: Alter a group. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
3.25 RACF group-related commands: Delete a group . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
3.26 Connect a user to a group. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56
3.27 Remove a user from a group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
© Copyright IBM Corp. 2008, 2014. All rights reserved. iii
3.28 Data sets and general resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
3.29 More on profiles for data sets and general resources. . . . . . . . . . . . . . . . . . . . . . . . . 59
3.30 Data set profiles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
3.31 Defining data set profiles. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
3.32 Data set profile access list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
3.33 Add a data set profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
3.34 Alter a data set profile. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
3.35 Search RACF database using a mask . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
3.36 Data set-related commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70
3.37 Data set-related commands, continued . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
3.38 General resources-related commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72
3.39 General resources-related commands, continued . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
3.40 General resources-related commands, continued . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
3.41 SET RACF system options. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
3.42 Statistic-related options. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
3.43 Password-related options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78
3.44 Data set-related options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80
3.45 Class-related options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
3.46 Authorization checking-related options. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86
3.47 Tape-related options. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
3.48 RVARY and other options for initial setup. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90
3.49 RACF and auditing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
3.50 Auditor-related options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
3.51 SETROPTS: Display options (LIST). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
3.52 RACF monitoring. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98
3.53 RACF monitoring, continued. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
3.54 RACF monitoring, continued. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
3.55 RACF auditing tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101
3.56 RACF auditing - IRRADU00 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102
3.57 RACF auditing: RACF Report Writer. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
3.58 RACF auditing: DSMON. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106
3.59 RACF auditing: IRRDBU00. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114
3.60 RACF and Dynamic CDT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116
3.61 RACF and protecting the program . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117
3.62 RACF remote sharing facility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121
3.63 RRSF nodes and modes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122
3.64 RRSF: User ID associations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123
3.65 RRSF: Command direction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124
3.66 RRSF over TCP/IP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125
3.67 RACF and interaction with other subsystems. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126
3.68 RACF and digital certificates - the authentication problem. . . . . . . . . . . . . . . . . . . . 135
3.69 Overview of digital certificates. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138
3.70 Certificate use in z/OS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140
3.71 Management of certificates by RACF. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142
Chapter 4. Integrated Security Services. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155
4.1 Introduction to Kerberos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156
4.2 Kerberos terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157
4.3 Kerberos protocol overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158
4.4 Get a ticket-granting ticket . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159
4.5 Request a service ticket . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162
4.6 Authenticate to target server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163
4.7 Kerberos inter-realm trust relationship . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165
iv ABCs of IBM z/OS System Programming Volume 6
4.8 Some assumptions to Kerberos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166
4.9 Implementing Network Authentication Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167
4.10 Setting up the Kerberos environment variable files. . . . . . . . . . . . . . . . . . . . . . . . . . 170
4.11 Setting up HFS for Kerberos cache files. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173
4.12 Kerberos integrated with RACF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174
4.13 Define Kerberos local principals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178
4.14 Define Kerberos foreign principals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 181
4.15 Kerberos user commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182
4.16 Auditing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193
4.17 Overview of EIM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194
4.18 EIM concepts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196
4.19 Setting up EIM in z/OS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207
4.20 Installing and configuring EIM on z/OS. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209
4.21 Domain authentication methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 214
4.22 EIM additional administration tasks. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216
4.23 RACF support for EIM. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 223
4.24 Storing LDAP binding information in a profile. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 224
4.25 Setting up a registry name for your local RACF registry. . . . . . . . . . . . . . . . . . . . . . 225
4.26 Introduction to Open Cryptographic Enhanced Plug-ins. . . . . . . . . . . . . . . . . . . . . . 229
4.27 How OCEP works with a security server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 230
Chapter 5. Cryptographic Services. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 231
5.1 Introduction to cryptography . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 232
5.2 Cryptographic capabilities. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233
5.3 Symmetric and asymmetric encryption algorithms . . . . . . . . . . . . . . . . . . . . . . . . . . . 234
5.4 Symmetric encryption algorithms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 235
5.5 Asymmetric encryption algorithms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 236
5.6 Use of cryptosystems: Data privacy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 237
5.7 Use of cryptosystems: Data integrity. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 239
5.8 Use of cryptosystems: Digital signatures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240
5.9 IBM Common Cryptographic Architecture. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 242
5.10 IBM System zEC12: Cryptographic overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 245
5.11 CP Assist for Cryptographic Functions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 247
5.12 Crypto Express4S feature. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 248
5.13 Crypto Express3 feature. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 250
5.14 DES key management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 251
5.15 DES encryption. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253
5.16 DES key forms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254
5.17 Key distribution: Key export . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 256
5.18 Key distribution: Key import . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257
5.19 PKA key management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 258
5.20 Integrated Cryptographic Service Facility. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 262
Related publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 265
IBM Redbooks publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 265
Other publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266
How to get IBM Redbooks publications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 267
Contents v
vi ABCs of IBM z/OS System Programming Volume 6
Notices
This information was developed for products and services offered in the U.S.A.
IBM may not offer the products, services, or features discussed in this document in other countries. Consult
your local IBM representative for information on the products and services currently available in your area. Any
reference to an IBM product, program, or service is not intended to state or imply that only that IBM product,
program, or service may be used. Any functionally equivalent product, program, or service that does not
infringe any IBM intellectual property right may be used instead. However, it is the user's responsibility to
evaluate and verify the operation of any non-IBM product, program, or service.
IBM may have patents or pending patent applications covering subject matter described in this document. The
furnishing of this document does not grant you any license to these patents. You can send license inquiries, in
writing, to:
IBM Director of Licensing, IBM Corporation, North Castle Drive, Armonk, NY 10504-1785 U.S.A.
The following paragraph does not apply to the United Kingdom or any other country where such
provisions are inconsistent with local law: INTERNATIONAL BUSINESS MACHINES CORPORATION
PROVIDES THIS PUBLICATION "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR
IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT,
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Some states do not allow disclaimer of
express or implied warranties in certain transactions, therefore, this statement may not apply to you.
This information could include technical inaccuracies or typographical errors. Changes are periodically made
to the information herein; these changes will be incorporated in new editions of the publication. IBM may make
improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time
without notice.
Any references in this information to non-IBM websites are provided for convenience only and do not in any
manner serve as an endorsement of those websites. The materials at those websites are not part of the
materials for this IBM product and use of those websites is at your own risk.
IBM may use or distribute any of the information you supply in any way it believes appropriate without incurring
any obligation to you.
Any performance data contained herein was determined in a controlled environment. Therefore, the results
obtained in other operating environments may vary significantly. Some measurements may have been made
on development-level systems and there is no guarantee that these measurements will be the same on
generally available systems. Furthermore, some measurements may have been estimated through
extrapolation. Actual results may vary. Users of this document should verify the applicable data for their
specific environment.
Information concerning non-IBM products was obtained from the suppliers of those products, their published
announcements or other publicly available sources. IBM has not tested those products and cannot confirm the
accuracy of performance, compatibility or any other claims related to non-IBM products. Questions on the
capabilities of non-IBM products should be addressed to the suppliers of those products.
This information contains examples of data and reports used in daily business operations. To illustrate them
as completely as possible, the examples include the names of individuals, companies, brands, and products.
All of these names are fictitious and any similarity to the names and addresses used by an actual business
enterprise is entirely coincidental.
COPYRIGHT LICENSE:
This information contains sample application programs in source language, which illustrate programming
techniques on various operating platforms. You may copy, modify, and distribute these sample programs in
any form without payment to IBM, for the purposes of developing, using, marketing or distributing application
programs conforming to the application programming interface for the operating platform for which the sample
programs are written. These examples have not been thoroughly tested under all conditions. IBM, therefore,
cannot guarantee or imply reliability, serviceability, or function of these programs.
© Copyright IBM Corp. 2008, 2014. All rights reserved. vii
Trademarks
IBM, the IBM logo, and ibm.com are trademarks or registered trademarks of International Business Machines
Corporation in the United States, other countries, or both. These and other IBM trademarked terms are
marked on their first occurrence in this information with the appropriate symbol (® or ™), indicating US
registered or common law trademarks owned by IBM at the time this information was published. Such
trademarks may also be registered or common law trademarks in other countries. A current list of IBM
trademarks is available on the Web at http://www.ibm.com/legal/copytrade.shtml
The following terms are trademarks of the International Business Machines Corporation in the United States,
other countries, or both:
AIX® NetView® System z®
CICS® OS/390® Tivoli®
DB2® OS/400® VTAM®
Domino® Parallel Sysplex® WebSphere®
eServer™ PowerPC® z/Architecture®
GDPS® RACF® z/OS®
Geographically Dispersed Parallel Redbooks® z/VM®
Sysplex™ Redbooks (logo) ® z9®
IBM® Resource Measurement Facility™ zEnterprise®
IMS™ RMF™ zSecure™
Language Environment® S/390®
MVS™ System z9®
The following terms are trademarks of other companies:
Intel, Intel logo, Intel Inside logo, and Intel Centrino logo are trademarks or registered trademarks of Intel
Corporation or its subsidiaries in the United States and other countries.
Linux is a trademark of Linus Torvalds in the United States, other countries, or both.
Windows, and the Windows logo are trademarks of Microsoft Corporation in the United States, other
countries, or both.
Java, and all Java-based trademarks and logos are trademarks or registered trademarks of Oracle and/or its
affiliates.
UNIX is a registered trademark of The Open Group in the United States and other countries.
Other company, product, or service names may be trademarks or service marks of others.
viii ABCs of IBM z/OS System Programming Volume 6
