Network Data Encryption

 

Figure 58. Client outside the trusted community causing a security breaches

A client existing outside the trusted community can become aware of the

community's existence. Furthermore, a malignant client can introduce a ªsniffº

program that can read and change data as it transfers in the client/server

relationship. It accomplishes this by intercepting the data ¯ow and altering the data

on contact. The system sends unencrypted data as plain text between the client

and server. Therefore, any system that is ªsniffingº for such data can access it for

reading by interacting with the token ring, ethernet, or other network interfaces.

There are various ways to protect the individual servers and clients in the community from outside intruders. There are also methods of protecting data as it is being sent from client to server and back again:

1.Users can code data with encryption engines, if they are located on both the client and the server. These engines code information as it leaves the ªsourceº client or server and then decode the information when it reaches the ªtargetº client or server.

2.The identities of users can be authenticated using the following methods:

a.AUTH_UNIX. Authorization to objects is controlled by user identi®cation (UID) only. There is no encryption whatsoever. AS/400 automatically performs this type of object authorization.

b.AUTH_DES. This is the Data Encryption Standard (DES). Using this type of encryption will protect data.

c.AUTH_KERBEROS. This type of encryption protects the user through a third party administrator who administers authority tokens that are based on a trusted token manager. Kerberos security can enforce the trusted community. Kerberos is the authentication protocol used to implement private key authorization. Kerberos relies on complete and total authentication of users and authorities within the trusted community, allowing no one else access to data.

82OS/400 Network File System Support V4R4

Page 99 Page 101
Page 100
Image 100
IBM AS/400E manual Network Data Encryption
Page 99 Page 101

AS/400E specifications

The IBM AS/400E, now more commonly known as IBM i, is a robust and versatile midrange server that has been designed to provide a comprehensive computing solution for businesses of all sizes. First introduced in the late 1980s, the AS/400 series has undergone multiple enhancements and rebranding, with the AS/400E being one of the notable iterations. This powerful platform is closely associated with IBM's commitment to reliability, scalability, and integrated business solutions.

One of the main features of the AS/400E is its highly integrated architecture that combines hardware and software into a cohesive system. This integration allows for seamless operations, reducing the complexity typically associated with managing disparate systems. The system is powered by IBM's proprietary OS/400 operating system, which has evolved into IBM i, featuring advanced capabilities like object-oriented programming, integrated database management, and security features that are essential for enterprise environments.

A key characteristic of the AS/400E is its robust database support, primarily through the use of DB2 for i. This integrated database management system enables efficient data handling and retrieval, facilitating real-time business analytics and reporting. Furthermore, the platform supports a variety of programming languages, including RPG, COBOL, and Java, making it flexible for developers who require diverse tools for application development.

The AS/400E is also known for its exceptional reliability and uptime, making it a preferred choice for critical business applications in industries such as finance, healthcare, and manufacturing. This reliability is backed by advanced error detection and correction mechanisms, as well as redundancy features that help prevent data loss and minimize downtime.

In terms of scalability, the AS/400E can effortlessly expand to accommodate growing business demands. Organizations can increase processing power by adding more resources without significant disruption. This scalability, combined with the system’s built-in virtualization capabilities, allows businesses to optimize resource usage and streamline operations.

Security is another defining feature of the AS/400E. The platform incorporates various layers of security measures, including user authentication, encryption, and comprehensive auditing capabilities, ensuring that sensitive business data is protected against unauthorized access.

Overall, the IBM AS/400E remains a powerful tool in the enterprise computing landscape, providing businesses with an integrated, reliable, and secure solution for their technological needs. Its enduring popularity is a testament to its capability to evolve with changing business requirements while maintaining its core attributes of high performance and stability.
Top Page Image Contents