OpenControls Logo

STIG Viewer

z/OS IBM System Display and Search Facility (SDSF) for RACF Security Technical Implementation Guide

Overview

VersionDateFinding Count (8)Downloads
V7R2
2 versions →		2025-09-27CAT I (High): 0CAT II (Medium): 8CAT III (Low): 0
Excel ↓JSON ↓XML ↓
STIG Description
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.
ClassifiedPublicSensitive
I - Mission Critical ClassifiedI - Mission Critical PublicI - Mission Critical Sensitive
II - Mission Support ClassifiedII - Mission Support PublicII - Mission Support Sensitive
III - Administrative ClassifiedIII - Administrative PublicIII - Administrative Sensitive

Findings - All

Finding IDSeverityTitleDescription
V-224504
LOWMEDIUMHIGH
IBM System Display and Search Facility (SDSF) Configuration parameters must be correctly specified.IBM SDSF ISFPARMS defines global options, panel formats, and security for SDSF. Failure to properly specify these parameter values could potentially c...
V-224505
LOWMEDIUMHIGH
IBM System Display and Search Facility (SDSF) installation data sets will be properly protected.IBM SDSF installation data sets have the ability to use privileged functions and/or have access to sensitive data. Failure to properly restrict access...
V-224506
LOWMEDIUMHIGH
IBM System Display and Search Facility (SDSF) HASPINDX data set identified in the INDEX parameter must be properly protected.IBM SDSF HASPINDX data sets control the execution, configuration, and security of the SDSF products. Failure to properly protect access to these data ...
V-224507
LOWMEDIUMHIGH
IBM System Display and Search Facility (SDSF) resources will be properly defined and protected.IBM SDSF can run with sensitive system privileges, and potentially can circumvent system controls. Failure to properly control access to product resou...
V-224508
LOWMEDIUMHIGH
IBM System Display and Search Facility (SDSF) resources will be properly defined and protected.IBM SDSF can run with sensitive system privileges, and potentially can circumvent system controls. Failure to properly control access to product resou...
V-224509
LOWMEDIUMHIGH
IBM System Display and Search Facility (SDSF) Started Task name will be properly identified and/or defined to the system ACP.IBM System Display and Search Facility (SDSF) requires a started task that will be restricted to certain resources, data sets, and other system functi...
V-224510
LOWMEDIUMHIGH
IBM System Display and Search Facility (SDSF) Started task will be properly defined to the STARTED resource class for RACF.Access to product resources must be restricted to only individuals responsible for the application connectivity and who have a requirement to access t...
V-224511
LOWMEDIUMHIGH
IBM System Display and Search Facility (SDSF) Resource Class will be active in the RACF.Failure to use a robust ACP to control a product could potentially compromise the integrity and availability of the MVS operating system and user data...