z/OS ICSF for TSS Security Technical Implementation Guide

Description

This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected]

Details

Version / Release: V6R7

Published: 2021-10-04

Updated At: 2021-11-06 12:52:35

Compare/View Releases

Select any two versions of this STIG to compare the individual requirements

Select any old version/release of this STIG to view the previous requirements

Actions

Download

Filter

Findings
Severity Open Not Reviewed Not Applicable Not a Finding
Overall 0 0 0 0
Low 0 0 0 0
Medium 0 0 0 0
High 0 0 0 0
Drop CKL or SCAP (XCCDF) results here.

    Vuln Rule Version CCI Severity Title Description Status Finding Details Comments
    SV-225575r804043_rule ZICS0040 CCI-000035 MEDIUM IBM Integrated Crypto Service Facility (ICSF) Configuration parameters must be correctly specified. IBM Integrated Crypto Service Facility (ICSF) product has the ability to use privileged functions and/or have access to sensitive data. Failure to properly configure parameter values could potentially the integrity of the base product which could result i
    SV-225576r472526_rule ZICST000 CCI-000213 MEDIUM IBM Integrated Crypto Service Facility (ICSF) install data sets are not properly protected. IBM Integrated Crypto Service Facility (ICSF) product has the ability to use privileged functions and/or have access to sensitive data. Failure to properly restrict access to their data sets could result in violating the integrity of the base product whic
    SV-225577r472529_rule ZICST001 CCI-001499 MEDIUM IBM Integrated Crypto Service Facility (ICSF) STC data sets must be properly protected. IBM Integrated Crypto Service Facility (ICSF) STC data sets have the ability to use privileged functions and/or have access to sensitive data. Failure to properly restrict access to their data sets could result in violating the integrity of the base prod
    SV-225578r472532_rule ZICST030 CCI-000764 MEDIUM IBM Integrated Crypto Service Facility (ICSF) Started Task name is not properly identified / defined to the system ACP. IBM Integrated Crypto Service Facility (ICSF) requires a started task that will be restricted to certain resources, datasets and other system functions. By defining the started task as a userid to the system ACP, It allows the ACP to control the access an
    SV-225579r472535_rule ZICST032 CCI-000764 MEDIUM IBM Integrated Crypto Service Facility (ICSF) Started task(s) must be properly defined to the Started Task Table ACID for Top Secret. Access to product resources should be restricted to only those individuals responsible for the application connectivity and who have a requirement to access these resources. Improper control of product resources could potentially compromise the operating