Kentucky-Ohio-Indiana RACF Users Group


General Information:

KOIRUG was created in 2003 to serve the professional education needs of the RACF community in Kentucky, Ohio, and Indiana. We typically hold full-day meetings twice a year. KOIRUG usually meets in the Cincinnati area.


Points of Contact:

Barb Rhoads, Cincinnati Financial

Aaron Humphries, American Modern Insurance Group

Deborah Pearson, Navient

Bob Hansel, RSH Consulting, Inc.


Upcoming Meeting:


Thursday, October 18, 2018 * Sponsored by RSH Consulting


Location: Cincinnati Financial Corporation

6200 S. Gilmore Rd., Fairfield, Ohio 45014


Time: 9 a.m. - 3:30 p.m.          (Registration begins at 8:30 a.m.)


Cost: ** Free **



Vulnerability Management for the Mainframe

     Sandra E. Carroll, Nationwide


     Robert S. Hansel, RSH Consulting

RACF Class Descriptor Table

     Robert S. Hansel, RSH Consulting

Examining a Mainframe Internet Hack

     Robyn E. Gilchrist, RSH Consulting




Vulnerability Management for the Mainframe

Do we need to worry about it? How does it affect the Mainframe? Are you being scanned by your company? What about access and penetration testing? We’ll go over these topics and more to help you understand where the Mainframe sits in today's world of Vulnerability Management.



Explore the many RACF options you can set with SETROPTS. Learn what to activate and what to avoid. Find out how the options affect logging, access controls, performance, and passwords. Receive recommendations for setting each option. Hear how your peers are using these options. Bring a copy of your own SETROPTS LIST to gain the most from this presentation.


RACF Class Descriptor Table

The Class Descriptor Table (CDT) defines General Resource classes to RACF. Find out how CDT class profiles and ICHRRCDE table entries combine to create the CDT. We will examine the CDT attributes that determine maximum profile length, default UACC, and other characteristics of a class. Discover how POSIT affects class management. We will also discuss the considerations and best practices for defining classes.


Examining a Mainframe Internet Hack

This presentation will discuss the hack of Logica's z/OS mainframe systems via the Internet and countermeasures RACF installations can implement to prevent such an attack on their systems.



Sandra E. Carroll, Nationwide

Career in IT since 1986, starting in back office support, moving to Windows, RS6000 support then finally to Mainframe in 1999 where I became the one person for everything from OMVS to TCP/IP, IMS, DB2, MQ , TSS and WebSphere. Enjoyed TSS work and kept a security background working with ACF2 and RACF for then Bank one. Continued working on those to my current roll and Security Engineer where I earn my CISSP and work towards securing the mainframe environment. Security Engineering is the roll between a Security Architect (which I fill this role at times) and ID Administration.


Robert S. Hansel, RSH Consulting

Robert S. Hansel is Lead RACF Specialist and founder of RSH Consulting, Inc. He began working with RACF in 1986 and has been a RACF administrator, manager, auditor, instructor, developer, and consultant. Mr. Hansel is especially skilled at redesigning and refining large-scale implementations of RACF using role-based access control concepts. He is a leading expert in securing z/OS Unix using RACF. Mr. Hansel has created elaborate automated tools to assist clients with RACF administration, database merging, identity management, and quality assurance.


Robyn E. Gilchrist, RSH Consulting

Robyn E. Gilchrist is a Senior RACF and CA ACF2 Consultant. She assists clients with conducting penetration and vulnerability tests to evaluate z/OS controls and with enhancing access controls. As a systems programmer and network engineer, Ms. Gilchrist has installed, configured, and maintained the z/OS Communications Server and WebSphere Application Server (WAS) for z/OS in Network Deployment (ND) mode as well as all associated ACF2 and RACF controls. She converted four CPF-connected ACF2 databases to four RRSF-connected RACF databases.



Contact Barb Rhoads

 - Phone: 513-870-2000 x4457

 - Email: Barb_Rhoads@cinfin.com


Advanced Registration is requested to ensure sufficient refreshments and handouts are available.



Cincinnati Financial is located on S. Gilmore a short distance north of the I-275 Cincinnati Beltway at Exit 39. Look for Forrest Park Exit North (Cincinnati Mills mall (Bass Pro Shop)). Cincinnati Financial is approximately one block north of the shopping mall on the right.


See www.mapquest.com for more information to get to the Cincinnati Financial. (This link takes you right to the site map.)


Park in the Visitor's parking in the front of the building. If no visitor spots are available, you may use the parking in the rear of the building.


See the receptionist in the main lobby upon entry to the building to sign in. If you enter at either of the rear entrances, you will be escorted to the main lobby. From the main lobby, you will be escorted to the meeting location.


For questions related to the meeting location, contact Barb Rhoads

 - Phone: 513-870-2000 x4457

 - Email: Barb_Rhoads@cinfin.com




Hotels in the immediate vicinity of Cincinnati Financial:

Hampton Inn - 513-942-3440

Comfort Suites - 513-825-9035

SpringHill Suites Cincinnati North Forest Park - 513-551-5028



Past Meetings Agendas:

Dates, sponsors, topics, and speakers from our past meetings.


RACF is a trademark of International Business Machines Corporation.

Webpage provided courtesy of RSH Consulting, Inc.