IBM Systems Magazine, Mainframe Edition - November/December 2009 - 28

and authorities are built into all layers to ensure data integrity and prevent intrusion from malicious software and users. s !CCESS& 4HEREÇS CENTRALIZED CONTROL OF ACCESS TO RESOURCES including remote applications with stronger audit features. s $ATA PROTEC T ION& 3UPPOR T FOR I NDU ST R IA LST R ENG T H encryption solutions help protect data at rest and data in flight. $" % UTILIZES BETTER HARDWAREENCRYPTION ACCELERATION AND FAULTTOLERANT KEY PROTECTION BUILT INTO Z/3 $" SEC U R IT Y CAN BE D IV IDED I NTO FOU R BROAD A REAS& AUTHENTICATION AUTHORIZATION AUDITING AND ENCRYPTION &OR MORE INFORMATION SEE h3ECURITY /UTSIDE THE $ATABASEv RIGHT To completely secure your environment address these other aspects of security besides the database system: s 0HYSICAL SECURITY& )MPLEMENT EFFECTIVE BADGE ACCESS TO CONTROL PHYSICAL ACCESS TO THE MACHINE OR MACHINES HOSTING the data server. s (OST SECURITY& 3ECURE THE /3 USING 2!#& AUTHENTICATION AND AUTHORIZATION MECHANISMS !LWAYS REQUIRE THE USE OF STRONG PASSWORDS s .ETWORK SECURITY& 5SE lREWALLS 60.S )0 3ECURITY È)03ECÉ INTRUSIONDETECTION SYSTEMS AND OTHER NETWORK SECURITY TECHNIQUES BUILT INTO Z/3 s !PPLICATION SECURITY& 3ECURE APPLICATIONS RUNNING ON YOUR SYSTEM &OR EXAMPLE ONE WELLKNOWN THREAT IS 31, INJECTION WHEREBY A POORLY DEVELOPED APPLICATION CAN BE FORCED TO RUN UNINTENDED 31, STATEMENTS 4HIS VULNERABILITY ONLY EXISTS IN DYNAMIC 31, APPLICATIONS THAT DONÇT VALIDATE ANY INPUT THATÇS USED IN THE CONSTRUCTION OF DYNAMIC 31, statements. s )DENTITY MANAGEMENT& 5SE RELIABLE SYSTEMS AND METHODS FOR IDENTIFYING AND AUTHENTICATING ENTERPRISE USERS .EVER USE A COMMON )$ TO ACCESS A DATABASE s "USINESS CONTROLS& )MPLEMENT RULES PROCESSES AND PRACTICES TO GOVERN ACCESS TO ASSETS AND DATA USE AND MANAGEMENT !DDITIONALLY DOCUMENTING DATA mOW HELPS YOU FULLY UNDERSTAND VULNERABILITIES AND ENSURES ANY NETWORK OR SYSTEM SEGMENTATION IS EFFECTIVE AT ISOLATING ACCESS TO ALL COMPONENTS OF THE DATABASE ENVIRONMENT INCLUDING THE NETWORK /3S ROUTERS AND SERVERS THAT CAN CONTAIN SENSITIVE DATA /NCE YOU UNDERSTAND THE DATA mOW AND REVIEW SECURITY PROCESSES TO PROTECT THE DATA AND ITS ENVIRONMENT CONSTANT MONITORING AND AUDITING IS NECESSARY TO MAKE SURE your business processes and access controls are effective OR BEING FOLLOWED ACROSS YOUR COMPANY – J.P. SECONDARY AUTHORIZATION )$S ÈIE THE GROUPS ASSOCIATED WITH THE PRIMARY AUTHORIZATION )$É' 31, )$S' AND A ROLE 3OME PRIVILEGES CA NBE EXERCISED BY ONLY ONE TYPE OF )$ OR A ROLE' OTHER PRIVILEGES CA NBE EXERCISED BY MULTIPLE )$S OR ROLES 4HE $" CATALOG RECORDS THE PRIVILEGES THAT )$S ARE GRA N AND THE OBJECTS )$S OWN TED s /WNERSHIP MANAGES IMPLICIT PRIVILEGES AND CARRIES A SET OF RELATED PRIVILEGES $" PROVIDES SEPARATE CONTROLS FOR OBJECT creation and ownership. Identity Propagation Improves Authentication !UTHENTICATION IS THE FIRST SECURITY CAPABILITY ENCOUNTERED WHEN USING $" FOR Z/3 4HE USER MUST BE IDENTIFIED AND AUTHENTICATED BEFORE BEING ALLOWED TO USE ANY OF THE $" FOR Z/3 SERVICES $" FOR Z/3 USES THE Z/3 3ECURITY 3ERVERˆ WITH 2 !#& OR THE SYSTEM AUTHOR IZATION FACILIT Y È3! &É EQUIVALENTˆFOR AUTHENTICATION AND AUTHORIZATION TO ACCESS ANY $" SUBSYSTEM 4ODAYÇS NET WORK ENV I RON MENT S A RE COMPR I SED OF A COMPLEX GROUP OF SYSTEMS AND APPLICATIONS RESULTING IN THE NEED TO MANAGE MULTIPLE USER REGISTRIES 4YPICAL HETEROGENEOUS conf igurations have different platforms authenticating USERS PRIOR TO A C CESSING $" 4HIS FORCES REMOTE APPLICATIONS TO USE COMMON USER )$S TO ESTABLISH CONNECTIONS TO $" 4HEREFORE $" AND Z/3 AUDIT LOGS DONÇT CONTAIN THE ACTUAL user associated with data access. You can now configure the application server to propagate THE ENDUSER )$ EVEN IF IT ISNÇT A 2!#& USER )$ )F PROVIDED $" ACCOUNTING AND 2!#& AUDIT RECORDS WILL CONTAIN THE ACTUAL USER ASSOCIATED WITH DATA ACCESS AND NOT THE COMMON )$ USED TO ESTABLISH THE CONNECTIONS 4HEREFORE $" NOW PROVIDES AUDITORS WITH THE ACTUAL END USER WHO IS ACCESSING SENSITIVE DATAˆALLOWING compliance with governance and other security requirements. Authorization-Management Options !UTHORIZATION IS THE NEXT SECURITY CONTROL USERS ENCOUNTER 7HEN AN APPLICATION GAINS ACCESS TO A SUBSYSTEM THE USER HAS BEEN AUTHENTICATED AND ACCESS TO $" IS CHECKED USING 2!#& $" THEN CONTROLS DATA ACCESS THROUGH THE USE OF IDENTIFIERS associated wit h t he aut henticated user. Ever y process ACCESSING $" IS ASSIGNED A PRIMARY AUTHORIZATION )$ SECONDARY AUTHORIZATION )$S AND POSSIBLY A ROLE !LL PRIVILEGES ASSOCIATED WI T TH E)$S AND ITS ASSOCIATED AUTHORITIES ENABLE YOU TO TAKE H SPECIFIC ACTIONS IN $" 4HEREFORE YOU MANAGE ACCESS TO $" OBJECTS AND DATA THROUGH THESE AUTHORIZATION )$S OR ROLES s 0RIVILEGES GRANT AND REVOKE EXPLICIT PRIVILEGES THROUGH AUTHORIZATION )$S OR ROLES $" HAS PRIMARY AUTHORIZATION )$S' 28 NOV EMBER/DEC EMBER 20 09 ibmsystemsmag.com/mainframe

IBM Systems Magazine, Mainframe Edition - November/December 2009

Table of Contents for the Digital Edition of IBM Systems Magazine, Mainframe Edition - November/December 2009

Table of Contents
Editor's Desk:  Modus Operandi on a Budget
Trends:  DB2 X Leads the Industry to Minimize Complexity and Maximize Productivity
IT Today: New System z Solution Editions Provide a Cost-Effective Way to Meet Business Demands
Focus on Storage:  DFSMS Delivers Enhancements and Improvements With the New Release of z/OS
Cover Story:  IBM Smart Analytics Optimizer Reinvents the Data Warehouse.
Feature: IBM Offers Security Improvements In DB2 Version 9 and Beyond.
Administrator:  Configuring AEM to Monitor Power Usage
Tips & Techniques:  Managing BI With IBM Workload Manager
Advertiser's Index
Product News
Stop Run:  A New Web Site Celebrates the Mainframe’s Comeback
IBM Systems Magazine, Mainframe Edition - November/December 2009 - Cover1
IBM Systems Magazine, Mainframe Edition - November/December 2009 - Cover2
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 1
IBM Systems Magazine, Mainframe Edition - November/December 2009 - Table of Contents
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 3
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 4
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 5
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 6
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 7
IBM Systems Magazine, Mainframe Edition - November/December 2009 - Editor's Desk:  Modus Operandi on a Budget
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 9
IBM Systems Magazine, Mainframe Edition - November/December 2009 - Trends:  DB2 X Leads the Industry to Minimize Complexity and Maximize Productivity
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 11
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 12
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 13
IBM Systems Magazine, Mainframe Edition - November/December 2009 - IT Today: New System z Solution Editions Provide a Cost-Effective Way to Meet Business Demands
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 15
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 16
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 17
IBM Systems Magazine, Mainframe Edition - November/December 2009 - Focus on Storage:  DFSMS Delivers Enhancements and Improvements With the New Release of z/OS
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 19
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 20
IBM Systems Magazine, Mainframe Edition - November/December 2009 - IBM-1
IBM Systems Magazine, Mainframe Edition - November/December 2009 - IBM-2
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 21
IBM Systems Magazine, Mainframe Edition - November/December 2009 - Cover Story:  IBM Smart Analytics Optimizer Reinvents the Data Warehouse.
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 23
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 24
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 25
IBM Systems Magazine, Mainframe Edition - November/December 2009 - Feature: IBM Offers Security Improvements In DB2 Version 9 and Beyond.
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 27
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 28
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 29
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 30
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 31
IBM Systems Magazine, Mainframe Edition - November/December 2009 - Administrator:  Configuring AEM to Monitor Power Usage
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 33
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 34
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 35
IBM Systems Magazine, Mainframe Edition - November/December 2009 - Tips & Techniques:  Managing BI With IBM Workload Manager
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 37
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 38
IBM Systems Magazine, Mainframe Edition - November/December 2009 - Product News
IBM Systems Magazine, Mainframe Edition - November/December 2009 - Stop Run:  A New Web Site Celebrates the Mainframe’s Comeback
IBM Systems Magazine, Mainframe Edition - November/December 2009 - Cover3
IBM Systems Magazine, Mainframe Edition - November/December 2009 - Cover4
IBM Systems Magazine, Mainframe Edition - November/December 2009 - RF1
IBM Systems Magazine, Mainframe Edition - November/December 2009 - RF2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20191112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/relevantz_20190102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/2019mfse
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20181112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/2018mfse
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20171112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_sesupp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_linuxsupp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20161112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/MainframeSecurity
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20151112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150910_se
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150910
http://www.ibmsystemsmagmainframedigital.com/MFSkills
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150506_supp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20141112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_gt_201405
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/BigData
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20131112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20121112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/buyersguide2013
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/ibmsystems_mainframe_2012bg
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20111112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20101112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100910_bg
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20091112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090506
http://www.nxtbook.com/nxtbooks/ibmsystemsmag/mainframe_20090304
http://www.nxtbook.com/nxtbooks/mspcomm/ibmsystems_mainframe_200901
http://www.nxtbookMEDIA.com