Authorized Program
An Authorized Program in z/OS is a program that has been granted special privileges, allowing it to execute instructions that are typically restricted to the operating system kernel. These privileges include the ability to run in supervisor state, access protected storage, or issue privileged instructions, which are essential for managing system resources and maintaining system integrity.
Key Characteristics
- Privileged Instruction Execution: Authorized programs can execute privileged machine instructions (e.g., SVC, SSKE, LRA), which are necessary for direct interaction with hardware and core operating system functions.
- Supervisor State Execution: They often run in supervisor state (as opposed to problem state), which grants them unrestricted access to system resources and instructions.
- Storage Key 0-7 Access: Authorized programs typically operate with a Program Status Word (PSW) storage key of 0-7, allowing them to access system-critical storage areas.
- Authorization Mechanisms: Authorization is typically conferred via the Authorized Program Facility (APF) list, the Program Properties Table (PPT), or by residing in a system-defined authorized library.
- System Integrity Criticality: Due to their elevated privileges, authorized programs are critical components for maintaining the integrity, security, and stability of the z/OS operating system.
- Careful Design and Testing: They require meticulous design, coding, and rigorous testing to prevent vulnerabilities that could compromise the entire system.
Use Cases
- Operating System Components: Core z/OS components like SVC routines, EXCP processors, and system services that manage I/O, memory, and task dispatching.
- Security Software: Products such as RACF, ACF2, and Top Secret that intercept system calls and enforce access control policies across the system.
- Database Management Systems: DB2 and IMS use authorized code for direct access to I/O devices, buffer pool management, and inter-address space communication.
- System Utilities: Utilities like IDCAMS (Access Method Services) for managing VSAM datasets, or IEBCOPY for copying and compressing partitioned datasets, often require authorization for sensitive operations.
- Third-Party System Software: Vendor products that extend z/OS functionality, such as monitoring tools, workload managers, or specialized network protocols, frequently require authorization.
Related Concepts
Authorized Programs are intrinsically linked to APF (Authorized Program Facility), which is the primary mechanism z/OS uses to identify and authorize programs. Their ability to execute privileged instructions is controlled by the PSW (Program Status Word), specifically the problem state bit and storage key. They often interact with the SAF (System Authorization Facility) to perform security checks on behalf of users, ensuring that even privileged operations are subject to granular access control. The concept is fundamental to z/OS System Integrity, as a compromised authorized program can bypass security and stability mechanisms.
- Minimize Authorization: Grant authorization only to programs that absolutely require it for system-critical functions, reducing the attack surface.
- Strict Change Control: Implement rigorous change management and audit procedures for all authorized programs and their libraries (APF libraries).
- Secure Libraries: Ensure that APF libraries are protected from unauthorized modification, deletion, or addition of programs, typically through RACF or equivalent security software.
- Thorough Testing: Conduct extensive testing, including security vulnerability assessments, for all authorized code before deployment to production environments.
- Regular Review: Periodically review the APF list, PPT entries, and other authorization definitions to ensure they are current, necessary, and adhere to security policies.
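
The regular review and change control items above can be backed by a check that compares the live APF list with an approved baseline. The following Python is an added example, not part of the original entry: the display text and baseline are constructed samples, the line layout is assumed to follow the D PROG,APF operator display, and the function names are hypothetical.

```python
import re

# Constructed sample, assumed to follow the layout of a D PROG,APF display.
SAMPLE_DISPLAY = """\
CSV450I 09.15.02 PROG,APF DISPLAY 042
FORMAT=DYNAMIC
ENTRY VOLUME DSNAME
   1  ZOSRES SYS1.LINKLIB
   2  ZOSRES SYS1.SVCLIB
   3  *SMS*  VENDOR.MONITOR.LOADLIB
   4  WORK01 USER1.TEST.LOAD
"""

# Constructed approved baseline: dataset name -> approved volume.
BASELINE = {
    "SYS1.LINKLIB": "ZOSRES",
    "SYS1.SVCLIB": "ZOSRES",
    "VENDOR.MONITOR.LOADLIB": "VEND01",
    "SYS1.OLD.AUTHLIB": "ZOSRES",
}

# Entry lines are: entry number, volume (or *SMS*), dataset name.
ENTRY_RE = re.compile(r"^\s*\d+\s+(\S+)\s+([A-Z0-9@#$.\-]+)\s*$")

def parse_apf_display(text):
    """Return {dsname: volume} for each numbered entry; header lines are skipped."""
    entries = {}
    for line in text.splitlines():
        match = ENTRY_RE.match(line)
        if match:
            volume, dsname = match.groups()
            entries[dsname] = volume
    return entries

def review_apf(current, baseline):
    """Classify drift between the live APF list and the approved baseline."""
    findings = []
    for dsname, volume in sorted(current.items()):
        if dsname not in baseline:
            findings.append(("UNAPPROVED", dsname, volume))
        elif baseline[dsname] != volume:
            # An APF entry is a dataset name plus volume, so the same name
            # on another volume is a different library and is reported.
            findings.append(("VOLUME_CHANGED", dsname, volume))
    for dsname in sorted(set(baseline) - set(current)):
        findings.append(("MISSING", dsname, baseline[dsname]))
    return findings

if __name__ == "__main__":
    for kind, dsname, volume in review_apf(parse_apf_display(SAMPLE_DISPLAY), BASELINE):
        print(f"{kind:15} {dsname} ({volume})")
```

Each UNAPPROVED or VOLUME_CHANGED finding should map to a change record; MISSING entries show the baseline itself needs updating.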