Abstract
Enterprises using IBM's premier operating system for S/390 mainframes, z/OS, may have a false sense of confidence regarding the vulnerability of corporate assets. The protection offered by widely used security products can often be circumvented as a result of loopholes in other add-on software.
Many such systems are frequently not nearly as resistant to security penetration as corporate management have been led to believe.
New inspection, certification and verification techniques must be implemented before
MVS-based systems can be employed as a safe haven for the conduct of electronic commerce
and a secure repository for corporate and national assets.