Edit WYSIWYGattachfile Attach PDF Raw View►More Actions▼More Actions

Restore topic to revision: You will be able to review the topic before saving it to a new revision

Copy text and form data to a new topic (no attachments will be copied though).
Name of copy:
You will be able to review the copied topic before saving

Rename/move topic... scans links in all public webs (recommended)
Rename/move topic... scans links in CBI_ComputerSecurity web only
Delete topic... scans links in all public webs (recommended)
Delete topic... scans links in CBI_ComputerSecurity web only

Revision Date Username Comment
1305 Oct 2015 - 12:56NicLewis 
1222 Jul 2014 - 15:46ThomasMisa 
1122 Jul 2014 - 15:41ThomasMisa 
1003 Oct 2013 - 15:39norqu036? 
916 Apr 2013 - 08:45NicLewis 
815 Apr 2013 - 11:25NicLewis 
728 Mar 2013 - 09:18ThomasMisa 
612 Mar 2013 - 08:59NicLewis 
508 Mar 2013 - 07:58NicLewis 
404 Mar 2013 - 08:44NicLewis 
earlier first

Render style:     Context:

 History: r13 < r12 < r11 < r10 < r9
[X] Hide this message.
Notice: On June 30, 2016, UMWiki service will be decommissioned. If you have information in UMWIki that needs to be preserved, you should make plans to move it before that date. Google Sites is anticipated to be the most popular and appropriate alternative for users because it offers a more modern and user-friendly interface and unlimited capacity. To learn more about the features of Google Sites and other alternatives, and to identify which one best fits your needs, see the University’s Website Solution Selection Guide. If you have concerns or would like help regarding this change and your options, please contact Technology Help at help@umn.edu
You are here: UMWiki>CBI_ComputerSecurity Web>Systems>SystemsACF (05 Oct 2015, NicLewis)

Current Activitieslock Who is Who?lock People Programs Publications CSHW_2014 Systems Events Mechanisms

Access Control Facility (ACF)


ACF was a software security system developed at the University of Illinois by Barry Schrager and Eberhard Klemens. Designed to provide discretionary access control for IBM mainframe operating systems, ACF was a competitor of IBM's RACF product, and provided such features as "protection by default" and resource pattern masking that IBM's RACF lacked. Schrager began development of ACF in his spare time in response to IBM's approach to security with RACF, which Schrager deemed inadequate. In 1978, London Life Insurance (in London, Ontario) financed the SKK, Inc. effort to develop ACF into a commercial product. ACF was renamed ACF2 in 1978 to distinguish it from the prototype.(1)(2) RACF, ACF2, and SECURE were the "big three" in software security products.(3)

In 1986 SKK and ACF2 were bought by UCCEL Corporation, which Computer Associates International (CA Technologies) purchased on December 31, 1986. ACF2 continues to be sold by CA Technologies as the product CA ACF2.(4) ACF2 uses rule sets, which are algorithms that determine if a user is allowed to access data, or some other resource. An authorized user compiles these rule sets, which are translated into object records stored in a database. Logged-in users may then access data only if granted access through the stored rule sets.(5)


1 , 5 : lock ACF2 Mainframe Security PDF pp. 1-2. - Document discusses the security features of ACF2. (Login required)

2 : CBI oral history with Barry Schrager (2002), pp. 26-28, 30-31

3 : lock Robert Johnston, "Security Software Packages: A Question and Answer Comparison of the 'Big 3'" Computer Security Journal vol. 1 no. 1 (Spring 1981) (Login required)

4 : oh404bs.pdf - 2012 CBI oral history with Barry Schrager, pp. 58, 61, 66

Topic revision: r13 - 05 Oct 2015 - 12:56:37 - NicLewis
Signed in as lewi0740 (NicLewis) | Sign out
UMWiki UMWiki
This site is powered by FoswikiCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding UMWiki? Send feedback