On 6 March 2015 at 09:10, Lopez, Sharon <[email protected]> wrote: > What are most people using for multifactor authentication in a z/OS > environment? Does RACF have the ability?
Native RACF has nothing like this, unless you count the very old OIDCARD option. But overall you need to qualify what you want to do. Is it that you want to use multifactor auth to log on at a 3270 to TSO or CICS or the like? Or that you want it when you access a web server running on z/OS? Or perhaps a web server running on another platform (IIS on Windows, Apache on Linux, etc.), but using RACF as its security provider and token repository? Or as an additional authenticator when doing a self-service password reset? Access to gateways/firewalls/VPNs? There are many scenarios that can have "multi factor" and "RACF" in the same sentence. There are several vendors who provide various aspects of this, and who will often be happy to sell you hardware tokens to go with their solution(s). I work for one of them, Beta Systems Software, and we have for some years developed and supported the products formerly from Proginet Corp. and Blockade Systems Corp. that include various multi factor features. And that's as much sales hype as I like to sling on a technical list like this. :-) Please get in touch if you are interested. Tony Harminc Beta Systems Software AG http://www.betasystems.com [email protected] (work) [email protected] (list and personal mail) ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
