Security

Here we consider TCP/IP under z/OS, a path into the system we need to control for effective security. Using tools provided with z/OS, this can be the most secure TCP/IP you’ll find anywhere. We’ll summarize how TCP/IP works under z/OS, discuss its security risks, and examine how you can manage those risks. References to security software here mean RACF, ACF2, or TopSecret…

Read Full Article →

To communicate orders to the far reaches of the empire, Roman generals used variations of a cryptographic system known as the Caesar cipher. Each letter of the alphabet was shifted by a fixed number of places; for example, an “A” would become a “C”, a “B” would become a “D”, and so on. This isn’t exactly a secure system by modern standards, yet, in its time, many Roman officers trusted the Caesar cipher with their lives…

Read Full Article →

Identity propagation is a new identity assertion capability provided by z/OS V1R11 and CICS Transaction Server (CICS TS) V4.1. Together with new functions in WebSphere DataPower or the CICS Transaction Gateway (CICS TG), it supports a cross-platform, end-to-end security solution, providing for identity assertion, control, and auditing…

Read Full Article →

Much of the constant change seen in the information technology world is driven by evolving privacy mandates, compliance regulations, and perpetual audit cycles. The mainframe endures; even now, it houses a large percentage of the world’s mission-critical financial and medical information. Maintaining security and proving compliance on the mainframe is difficult because a continuously changing IT environment complicates compliance needs. Meeting this challenge requires going back to basics and drawing insights from a time when things were much simpler…

Read Full Article →