An External Security Manager is a computing term that refers to an application outside the operating system that provides a layer of security to various system artifacts. The term is typically seen when referring to security products on IBM z/OS platforms. An example is the RACF security package. [1]

On z/OS there are three primary External Security Managers (ESM)

  • RACF - Short for Resource Access Control Facility, is an IBM software product. It is a security system that provides access control and auditing functionality for the z/OS and z/VM operating systems. RACF was introduced in 1976
  • Top Secret - Computer Associates
  • ACF2 (Access Control Facility) is a commercial, discretionary access control software security system developed for the MVS (z/OS), VSE (z/VSE) and VM (z/VM) IBM mainframe operating systems Computer Associates now (2012) markets ACF2 as CA ACF2

In 1987, acquisitions made Computer Associates the largest independent vendor of mainframe infrastructure software and dominant vendor of OS/MVS security software with CA-Top Secret (#2 market share) and CA-ACF2 (#1 market share). IBM's RACF product held the #3 market share position. I really have no idea where market share of these products are today.

External Security Managers (ESM) is an Authentication Agent for z/OS platforms and can be utilized to provide Single Sign-On for applicaitons on the platform.

There is a DirXML ZOS BIDIRECTIONAL DRIVER that will work with most of the External Security Managers (ESM) on z/OS platforms.

More Information#

There might be more information for this subject on one of the following:
[#1] - http://en.wikipedia.org/wiki/External_Security_Manager retrieved 2012-10-15

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-12) was last changed on 18-Mar-2016 14:23 by jim