Librarium Whitehat
Blog Pics
"Inveniam viam aut faciam" : I will either find a way, or I shall make one

Book Review: Mainframe Basics for Security Professionals: Getting Started with RACF

Authors: Ori Pomerantz (Author), Barbara Vander Weele (Author), Mark E. Nelson (Author), Tim Hahn (Author)
Publisher: IBM Press; 1 edition (January 7, 2008)
ISBN-10: 0131738569
ISBN-13: 978-0131738560

For people who need to start getting to grips with IBM mainframe security, this is a great book to start. It is not a an exceptionally large book, and it is not a fully comprehensive guide, BUT it does provide good explanations of how and why the fundamental concepts work with RACF. It also is a good reference since it tells you exectly where to go for additional details on all the topics.

Chapter 1 and 7 are for background and context, for people who have been doing security for a while this is where you may find areas to disagree with, but that is what always happens with opinion.

Chapters 2, 3 and 4 cover off on users, data and logging. These are very important chapters and they are very important for you understand since they explain how these fundamental ideas work on the mainframe.

Chapters 5 and 6 goes through the auditing of the mainframe and more complex user setups. These are great chapters since they explain how to verify your work and how to make it better.

Personally, I recommend the book since there are not many ways for a security person to get started with mainframes in an accessible and useable way - this book is one of them.

Rating: It does what it says on the cover - 4/5