Stream: Melbourne
Time: 11:15 - 12:00
Security is often the last team invited to the DevOps party — and by then, it’s already too late.
This session explores how the Dutch Tax Administration reimagined mainframe access control by introducing self-service RACF, enabling DevOps teams to move faster without compromising security or compliance.
We’ll revisit the traditional, ticket-driven model for RACF access — a process too slow for today’s agile, cloud-connected world — and show how a shift-left security strategy helped eliminate bottlenecks while keeping controls firmly in place.
You’ll see how a Python-based REST API, built with Flask, Flask-RESTful, and OpenAPI, runs natively on z/OS, secured by JWT tokens validated through RACF, and delivered behind Gunicorn.
Through live demos, we’ll dive into how group-SPECIALs, OWNER groups, CLASSAUTH, and enhanced generic profiles empower developers with real autonomy — without losing accountability or control.
Whether you’re a security architect, RACF administrator, or DevOps engineer, you’ll walk away with practical ideas on how to turn “security as a bottleneck” into “security as a business accelerator.
Henri Kuiper is a lifelong mainframe enthusiast with a passion for exploring and innovating — a journey that began in his childhood, taking apart computers (BBC Micros, anyone?) and never quite putting them back the same way. An international speaker and seven‑time consecutive IBM Champion for z Systems, Henri is the founder of zDevOps.com and proud co‑founder of Mainframe Society. Each year, he runs the Advent of Code for Mainframers, a beloved community tradition that blends problem‑solving with a playful spirit. His work blends technical curiosity, community building, and a deep commitment to keeping mainframe culture alive and thriving.
Click here to give some Feedback so we can make it even better next year!