LTXF/MVS Modernization Guide

LTXF/MVS intercepts the TSO/E session termination process. Instead of the session ending, LTXF/MVS displays a lock screen requiring the user to re-authenticate with their password. This prevents unauthorized access to the TSO/E session if the user leaves their workstation unattended.

LTXF/MVS uses standard z/OS security mechanisms, such as RACF, ACF2, or Top Secret, for user authentication. It integrates with these security systems to validate the user's password when re-authentication is required.

The primary configuration file for LTXF/MVS is typically a PARMLIB member. This member contains parameters that control the behavior of LTXF/MVS, such as the lock screen timeout interval and the message displayed on the lock screen.

LTXF/MVS intercepts the standard TSO/E termination routines. When a user's TSO/E session becomes inactive, instead of the session ending, LTXF/MVS takes control and displays the lock screen.

LTXF/MVS does not expose a public API. It operates by intercepting and modifying the behavior of existing TSO/E functions. Integration with other systems is typically achieved through standard z/OS facilities.

LTXF/MVS relies on the underlying z/OS security system (RACF, ACF2, Top Secret) for authentication. It does not implement its own authentication mechanisms. Therefore, the authentication methods supported are those supported by the z/OS security system.

LTXF/MVS uses standard z/OS system authorization facility (SAF) calls to validate user credentials. It does not implement its own access control model. The access control model is determined by the underlying z/OS security system.

LTXF/MVS does not perform encryption itself. It relies on the underlying z/OS system for encryption services, if configured. Data transmitted between the TSO/E client and server may be encrypted using standard z/OS communication protocols.

LTXF/MVS enhances security by preventing unauthorized access to unattended TSO/E sessions. This reduces the risk of data breaches and compliance violations. It provides a simple and effective way to enforce security policies.

By preventing unauthorized access, LTXF/MVS helps organizations comply with security regulations such as PCI DSS, HIPAA, and GDPR. It provides an additional layer of security to protect sensitive data.

LTXF/MVS is a cost-effective solution for enhancing TSO/E security. It is relatively easy to install and configure, and it does not require significant changes to existing TSO/E applications or infrastructure.

LTXF/MVS leverages the security features of the underlying z/OS system, including RACF, ACF2, and Top Secret. It uses standard SAF calls to authenticate users and authorize access to resources.

LTXF/MVS supports authentication methods provided by the z/OS security system, such as password authentication, multi-factor authentication (MFA), and certificate-based authentication.

LTXF/MVS relies on the access control model implemented by the z/OS security system (RACF, ACF2, Top Secret). It does not implement its own access control model. Access control is typically role-based (RBAC).

LTXF/MVS integrates with z/OS audit and logging facilities to record security-related events, such as successful and failed login attempts. These logs can be used to monitor security activity and detect potential security breaches.

LTXF/MVS is configured using a PARMLIB member. The PARMLIB member contains parameters that control the behavior of LTXF/MVS, such as the lock screen timeout interval and the message displayed on the lock screen.

LTXF/MVS integrates with z/OS monitoring tools, such as SMF and RMF, to provide information about its performance and resource usage. This information can be used to monitor the health of LTXF/MVS and identify potential problems.

LTXF/MVS generates SMF records that can be used to track security-related events, such as successful and failed login attempts. These records can be used to monitor security activity and detect potential security breaches.

User management is handled by the underlying z/OS security system (RACF, ACF2, Top Secret). LTXF/MVS does not implement its own user management functions. User accounts are created and managed using standard z/OS security tools.