IBM Systems Magazine, Mainframe Edition - November/December 2009 - 30

s 0ACKAGE EXECUTION MEANS APPLICATION ACCESS TO $" DATA REQUIRES THE USE OF A PACKAGE AND PACKAGES ARE REQUIRED TO EXECUTE 31, STATEMENTS %VERY PACKAGE HAS AN OWNER OR ROLE ASSOCIATED WITH IT 4O EXECU E ANY 31, STATEMENTS BOUND IN A T PACKAGE THE 31, )$ OR ROLE ASSOCIATED WITH THE PACKAGE MUST HAVE THE EXECUTE PRIVILEGE 4HIS APPROACH ELIMINATES THE NEED TO AUTHORIZE ALL USERS TO ALL OBJECTS USED IN A PACKAGE s 2OLES CAN CONTROL OBJECT ACCESS THROUGH ASSIGNED PRIVILEGES AND AUTHORITIES 2OLES ARE ASSIGNED BY A TRUSTED CONTEXT A FEATURE THAT ESTABLISHES TRUST BETWEEN A SECURE APPLICATION AND $" UPON USER CONNECTION !FTER ESTABLISHING A TRUSTED CONNECTION THE ROLE CAN BE GRANTED SPECIAL PRIVILEGES BASED ON THE CONTEXT &OR MORE INFORMATION ON ROLES AND TRUSTED CONTEXT SEE h$" % &EATURES (ELP %NSURE #OMPLIANCEv ÈW W WIBM S Y S TE M SMAGCOM MA I N F R A ME MAY JU NE  %  ADMINISTRATOR!"!PASPXÉ s 3EC U R IT Y LABELS A L LOW YOU TO CLASSIF Y OBJECT S A ND USERS ARE BASED ON HIERARCHICAL SECURITY LEVELS AND NON HIERARCHICAL SECURITY CATEGORIES -ULTILEVEL SECURITY PREVENTS UNAUTHORIZED USERS FROM ACCESSING INFORMATION AT A HIGHER CLASSIFICATION THAN THEIR AUTHORIZATION AND PREVENTS USERS FROM DECLASSIF YING INFORMATION -ULTILEVEL SECURIT Y PROVIDES MANDATORY ACCESS TO PROTECT TABLE DATA BASED ON THE SECURITY LABEL ASSOCIATED WITH EACH ROW TAPE !LL EXPLOIT 3YSTEM Z #RYPTO HARDWARE FEATURES DESIGNED TO PROVIDE BETTER PERFORMANCE AND INDUSTRYLEVEL SECURITY BUILTINTO Z/3 SERVERS Beyond Version 9 )"- PLANS TO CONTINUE TO EXPAND $" SECURITY SOLUTIONS TO EASE THE COST OF DEPLOYING SECURITY FEATURES WITH EXISTING DATABASE APPLICATIONS !DMINISTRATORS CAN ESTABLISH SECURITY POLICIES OR SECURITY LOGIC WITHIN THE DATABASE THUS ENFORCING SECURITY CONTROLS ON ALL APPLICATIONS AND TOOLS THAT ACCESS A DATABASE 7ITH THESE FEATURES COMPANIES CAN COMPLY WITH Selective Filtering Improves Auditing 4HE AUDIT FACILITY INTEGRATED INTO $" AND Z/3 CAN TRACK USER ACTIONS IN THE $" DA ABASE SYSTEM .OW AUDITORS HAVE T FILTERING CAPABILITIES BUILT INTO $" TO ALLOW REALTIME AUDITING WITHOUT IMPACTING PRODUCTION SYSTEMS !UDITORS CAN ALSO COLLECT AUDIT AND STORE DATA IN AN AUDIT REPOSITORY AND THEN VIEW AN A LYZE AND GENERATE COMPREHENSIVE REPORTS ON THE DATA USING THE )"- $" !UDIT -ANAGEMENT %XPERT FOR Z/3 9OU CAN SELECTIVELY FILTER 3%,%#4 ).3%24 50$!4% AND $%,%4% ACTIVITY BY USER OR BY OBJECT AND EXPORT THESE FILTERS FOR USE ON ANOTHER $" SUBSYSTEM End-to-End Encryption $" % FOR Z/3 SUPPOR TS A LL ENCR Y PTION LEVELS TO HELP PROTECT DATA CONFIDENTIALITY WHEN ITÇS TRANSMITTED IN THE NETWORK OR WHEN ITÇS STORED ON DISK &OR DATATRANSMISSION CONFIDENTIALITY Z/3 !PPLICATION 4RANSPARENT 4RANSPORT ,AYER 3ECURITY PROVIDES A SECURE LINK BETWEEN REMOTE APPLICATIONS AND $" 4HERE ARE TWO OPTIONS FOR DATAATREST ENCRYPTION& $ATA %NCRYPTION FOR )-3 AND THE $" DATABASES TOOL USED TO ENCRYPT DATA IN TABLE AND SELFENCRYPTING $3$ DISKS 4HE SELFENCRYPTING FEATURE ALLOWS YOU TO EASILY COMPLY WITH REGULATIONS WITHOUT IMPACTING PERFORMANCE OR APPLICATIONS 7HEN OFFLOADING BACKUPS AND ARCHIVE LOGS TAPE UNITS ALSO OFFER ENCRYPTION BUILT INTO THE DRIVE TO PROTECT THE ARCHIVE 30 NOV EMBER/DEC EMBER 20 09 NEW REGULATIONS WITHOUT CHANGING EXISTING APPLICATIONS SINCE SECURITY LOGIC IS SEPARATED FROM APPLICATION LOGIC 4HE EVOLUTION OF SECURITY POLICIES ALSO BECOMES EASIER TO DEPLOY SINCE THE SECURITY LOGIC CAN BE AUTOMATICALLY DEPLOYED AGAINST ALL 31, ACCESS TO THE DATA 4HESE CONTROLS CAN PREVENT THE USE 31, TO BYPASS VIEWS APPLICATION SECURITY LOGIC OR PREVENT THE USE OF 31, INJECTION TO ATTACK A DATABASE )N THE PAST BUSINESSES PROTECTED DATABASES FROM EXTERNAL USERS BUT BECAUSE OF NEW REGULATIONS THEYÇRE NOW REQUIRED TO PROTECT DATABASES FROM INTER NAL OR PR IV ILEGED USERS !DDITIONAL CONTROLS ARE AVAILABLE WITHIN THE DATABASE TO PROTECT SENSITIVE DATA F ROM PR IV ILEGED ADMINISTRATORS #USTOMIZED MORE GRANULAR ADMINISTRATIVE AUTHORITIES ARE PLANNED FOR FUTURE $" RELEASES .EW REGULATIONS REQUIRE SECUR IT Y ADMINISTRATION TO BE SEPARATED FROM DATABASE ADMINISTRATION !DMINISTRATORS CAN MANAGE THE DATABASE BUT WONÇT HAVE THE AUTHORITY TO MANAGE ITS SECURITY POLICIES !CCESS TO DATA WOULD REQUIRE MORE THAN ONE PERSON TO OBTAIN THE NECESSARY PRIVILEGESˆMINIMIZING DATA EXPOSURE )N MANY RESPECTS SECURITY IS MUCH LIKE AVAILABILITY& )TÇS A BASIC REQUIREMENT THAT SHOULDNÇT BE COMPROMISED 4HE KEY INGREDIENT IN A SOLID SECURITY STRATEGY IS PROPER INVESTMENT PLANNING AND IMPLEMENTATION $" % FOR Z/3 DELIVERS AN UNPRECEDENTED SECURIT Y INFRASTRUCTURE AGAINST EVOLVING EXTERNAL THREATS AS WELL AS INTERNAL ONES Jim Pickel is a senior technical staff member for IBM who specializes in DB2 connectivity and security and information management. Jim can be reached at pickel@us.ibm.com. ibmsystemsmag.com/mainframe

IBM Systems Magazine, Mainframe Edition - November/December 2009

Table of Contents for the Digital Edition of IBM Systems Magazine, Mainframe Edition - November/December 2009

Table of Contents
Editor's Desk:  Modus Operandi on a Budget
Trends:  DB2 X Leads the Industry to Minimize Complexity and Maximize Productivity
IT Today: New System z Solution Editions Provide a Cost-Effective Way to Meet Business Demands
Focus on Storage:  DFSMS Delivers Enhancements and Improvements With the New Release of z/OS
Cover Story:  IBM Smart Analytics Optimizer Reinvents the Data Warehouse.
Feature: IBM Offers Security Improvements In DB2 Version 9 and Beyond.
Administrator:  Configuring AEM to Monitor Power Usage
Tips & Techniques:  Managing BI With IBM Workload Manager
Advertiser's Index
Product News
Stop Run:  A New Web Site Celebrates the Mainframe’s Comeback
IBM Systems Magazine, Mainframe Edition - November/December 2009 - Cover1
IBM Systems Magazine, Mainframe Edition - November/December 2009 - Cover2
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 1
IBM Systems Magazine, Mainframe Edition - November/December 2009 - Table of Contents
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 3
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 4
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 5
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 6
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 7
IBM Systems Magazine, Mainframe Edition - November/December 2009 - Editor's Desk:  Modus Operandi on a Budget
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 9
IBM Systems Magazine, Mainframe Edition - November/December 2009 - Trends:  DB2 X Leads the Industry to Minimize Complexity and Maximize Productivity
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 11
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 12
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 13
IBM Systems Magazine, Mainframe Edition - November/December 2009 - IT Today: New System z Solution Editions Provide a Cost-Effective Way to Meet Business Demands
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 15
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 16
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 17
IBM Systems Magazine, Mainframe Edition - November/December 2009 - Focus on Storage:  DFSMS Delivers Enhancements and Improvements With the New Release of z/OS
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 19
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 20
IBM Systems Magazine, Mainframe Edition - November/December 2009 - IBM-1
IBM Systems Magazine, Mainframe Edition - November/December 2009 - IBM-2
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 21
IBM Systems Magazine, Mainframe Edition - November/December 2009 - Cover Story:  IBM Smart Analytics Optimizer Reinvents the Data Warehouse.
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 23
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 24
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 25
IBM Systems Magazine, Mainframe Edition - November/December 2009 - Feature: IBM Offers Security Improvements In DB2 Version 9 and Beyond.
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 27
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 28
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 29
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 30
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 31
IBM Systems Magazine, Mainframe Edition - November/December 2009 - Administrator:  Configuring AEM to Monitor Power Usage
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 33
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 34
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 35
IBM Systems Magazine, Mainframe Edition - November/December 2009 - Tips & Techniques:  Managing BI With IBM Workload Manager
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 37
IBM Systems Magazine, Mainframe Edition - November/December 2009 - 38
IBM Systems Magazine, Mainframe Edition - November/December 2009 - Product News
IBM Systems Magazine, Mainframe Edition - November/December 2009 - Stop Run:  A New Web Site Celebrates the Mainframe’s Comeback
IBM Systems Magazine, Mainframe Edition - November/December 2009 - Cover3
IBM Systems Magazine, Mainframe Edition - November/December 2009 - Cover4
IBM Systems Magazine, Mainframe Edition - November/December 2009 - RF1
IBM Systems Magazine, Mainframe Edition - November/December 2009 - RF2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/relevantz_20190102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/2019mfse
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20181112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/2018mfse
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20171112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_sesupp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_linuxsupp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20161112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/MainframeSecurity
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20151112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150910_se
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150910
http://www.ibmsystemsmagmainframedigital.com/MFSkills
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150506_supp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20141112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_gt_201405
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/BigData
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20131112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20121112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/buyersguide2013
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/ibmsystems_mainframe_2012bg
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20111112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20101112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100910_bg
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20091112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090506
http://www.nxtbook.com/nxtbooks/ibmsystemsmag/mainframe_20090304
http://www.nxtbook.com/nxtbooks/mspcomm/ibmsystems_mainframe_200901
http://www.nxtbookMEDIA.com