Resource Access Control Facility

RACF [pronounced Rack-Eff], short for Resource Access Control Facility, is an IBM software product. It is a security system that provides access control and auditing functionality for the z/OS and z/VM operating systems. RACF was introduced in 1976.^[1] Originally called RACF it was renamed to z/OS Security Server (RACF), although most mainframe folks^[who?] still refer to it as RACF.^[2]

Its main features are:^[1]

Identification and verification of a user via user id and password check (authentication)
Identification, classification and protection of system resources
Maintenance of access rights to the protected resources (access control)
Controlling the means of access to protected resources
Logging of accesses to a protected system and protected resources (auditing)

RACF establishes security policies rather than just permission records. It can set permissions for file patterns—that is, set the permissions even for files that do not yet exist. Those permissions are then used for the file (or other object) created at a later time.^[3]

^ ^a ^b "IBM RACF". IBM. Retrieved August 17, 2012.
^ "z/OS Security Server (RACF)". www.ibm.com. 2015-07-02. Retrieved 2021-08-06.
^ Cite error: The named reference :0 was invoked but never defined (see the help page).

[IBMRACF-1] "IBM RACF". IBM. Retrieved August 17, 2012.

[2] "z/OS Security Server (RACF)". www.ibm.com. 2015-07-02. Retrieved 2021-08-06.

[:0-3] Cite error: The named reference :0 was invoked but never defined (see the help page).

[1]

[2]

[3]