fhs
Volume 7, Number 15 -- April 17, 2007

IBM Addresses Object-Level Security with New Tool

Published: April 17, 2007

by Alex Woodie

You have choices in how you implement security on your i5/OS server. Data-centric security implemented at the folder or object level is the most rigorous type of security you can implement, but it is also the toughest to deploy and maintain. To address this challenge, IBM last week unveiled Secure Perspective for System i, a new tool that uses natural language processing to make it easier to secure i5/OS machines at the object or folder level.

Object-level security is powerful stuff on the i5/OS server. It gives administrators the ability to say what objects will be available to which users and when, and which objects users won't be allowed access to. With object-level security properly implemented, system administrators can rest easy knowing their critical System i data and programs are protected from unauthorized access, even if they haven't taken steps to clamp down network access via FTP, ODBC, or other easy routes of passage into unprotected i5/OS servers.

But, obviously, it's not all sweet potatoes on easy street. The rub on object-level security is that it's difficult to implement, and that has been the case for many years. Several third-party vendors have jumped at the opportunity to put a layer of abstraction in front of the IBM commands with their own tools, to make it easier to get to the nirvana of object-level security. Now, IBM is addressing the complexity level, too, with Secure Perspective for System i.

With Secure Perspective, IBM is providing a way for managers and executives without technical skills to have input into the implementation of object- and folder-level security. The software features a browser-based interface that allows non technical people to define a security policy, using "natural language" (i.e., not arcane i5/OS commands).

After the non technical managers create their policy with Secure Perspective, and a systems administrator with technical skills has mapped the policy to the actual location of the data on the iSeries or System i server, then the changes are automatically implemented.

Secure Perspective provides two other functions in addition to implementing object-level security. First, it includes a "what if" modeler that is designed to predict how a policy will affect the system, and identify potential problems that it may create. (Obviously, you wouldn't want to accidentally restrict all your users from accessing the system--one of object-level security's potential problems, and one of the reasons it has been difficult to implement.)

The second additional function is the generation of compliance reports demonstrating object-level security, as well as reports detailing all security policy changes or deviations. You may have the most secure System i setup in the Lower 48, but nobody--including your auditor--is going to believe you unless you prove it to them with a report. This is why security reporting tools have become so important in this post-SOX world.

Secure Perspective works i5/OS V5R3 and V5R4. The software will become available May 4. Licenses for the software start at $1,500 per processor. For ordering information, see the Software Announcement Letter.


                     Post this story to del.icio.us
               Post this story to Digg
    Post this story to Slashdot

Sponsored By
COMMON

Customize your System i education in 2007 with
COMMON's 2007 Annual Conference & Expo,
April 29 - May 3, 2007 in Anaheim, California.

This premier System i education and networking event promises to be larger than our recent conferences, providing invaluable learning and networking opportunities for you and your employees.

The Annual Conference & Expo will be the flagship event of the new "COMMON…Customized" education model, offering over 500 educational sessions, hands-on labs, and all-day workshops. We've added new tracks on hot topics like PHP, open source, and IP telephony - all delivered by the most respected experts in the IT industry. In addition, the new COMMON Annual Conference & Expo will offer non-technical, professional development sessions to help IT managers resolve daily business issues.

COMMON's 2007 Annual Conference & Expo will offer:
· More session hours, including over 500 sessions and hands-on labs
   in a range of choices every hour.
· More user sessions that are driven by users, including customer experience sessions.
· More in-depth education that includes all-day pre-conference workshops,
   all-day Integrated Seminars, open labs and a wide variety of regular-length sessions.
· Emphasis on networking that provides great opportunities to network with your peers,
   IBM developers and executives, and industry experts.
· An extensive Expo of new companies showcasing the latest System i-related
   industry solutions.

The COMMON Annual Conference & Expo is one of the most cost-effective ways to gain knowledge and tools needed to meet the changing demand of IT. You'll pay a reasonable amount for intensive education, and realize a tangible, immediate return on your investment. In addition to the direct cost savings, the networking opportunities and professional contacts are immeasurable.

The COMMON 2007 Annual Conference & Expo is a System i educational and networking event that you and/or your team won't want to miss. To learn more about the conference and to register online, visit www.common.org/conference.html.

The Annual Conference & Expo is just one of the many benefits to COMMON membership, so don't miss out on your opportunity to attend this premier event.

www.common.org
Editor: Alex Woodie
Contributing Editors: Dan Burger, Joe Hertvik,
Shannon O'Donnell, Timothy Prickett Morgan
Publisher and Advertising Director: Jenny Thomas
Advertising Sales Representative: Kim Reed
Contact the Editors: To contact anyone on the IT Jungle Team
Go to our contacts page and send us a message.

Sponsored Links

Computer Keyes:  Rapidly convert *SCS printer files into black and white or full color PDF documents
COMMON:  Join us at the 2007 conference, April 29 – May 3, in Anaheim, California
VAULT400:  Securely archive data with Instant Back-Up & 24x7 Recovery

IT Jungle Store Top Book Picks

The System i Pocket RPG & RPG IV Guide: List Price, $69.95
The iSeries Pocket Database Guide: List Price, $59.00
The iSeries Pocket Developers' Guide: List Price, $59.00
The iSeries Pocket SQL Guide: List Price, $59.00
The iSeries Pocket Query Guide: List Price, $49.00
The iSeries Pocket WebFacing Primer: List Price, $39.00
Migrating to WebSphere Express for iSeries: List Price, $49.00
iSeries Express Web Implementer's Guide: List Price, $59.00
Getting Started with WebSphere Development Studio for iSeries: List Price, $79.95
Getting Started With WebSphere Development Studio Client for iSeries: List Price, $89.00
Getting Started with WebSphere Express for iSeries: List Price, $49.00
WebFacing Application Design and Development Guide: List Price, $55.00
Can the AS/400 Survive IBM?: List Price, $49.00
The All-Everything Machine: List Price, $29.95
Chip Wars: List Price, $29.95
 
The Four Hundred
IBM Goes After Windows with User-Priced System i Servers

IBM Upgrades High-End System i5 Servers

Wheeling and Dealing to Move System i Iron

System i and the Web: Where We've Been and Where We're Going

The Linux Beacon
AMD Pushes Opteron Clocks to 3 GHz, Will Miss Q1 Revenue Targets

Xandros Server 2 To Get Integrated Virtualization and Messaging

X4 Chipset from IBM Tuned for Tigerton Quad Core Xeon MPs

The X Factor: Virtualization Belongs in the System, Not in the Software

Big Iron
CA Tweaks Job Schedulers, Positions Them as Workload Automation

Top Mainframe Stories From Around the Web

Chats, Webinars, Seminars, Shows, and Other Happenings

Four Hundred Guru
Missing In Action: The Full Outer Join

Reader Feedback on One-Man System i Shops

Admin Alert: The Process and Pitfalls of Duplicating Libraries

System i PTF Guide
April 7, 2007: Volume 9, Number 14

March 31, 2007: Volume 9, Number 13

March 24, 2007: Volume 9, Number 12

March 17, 2007: Volume 9, Number 11

March 10, 2007: Volume 9, Number 10

March 3, 2007: Volume 9, Number 9

The Windows Observer
Vista's Security Honeymoon Is Over

'Longhorn' Nears the Gate

AMD Pushes Opteron Clocks to 3 GHz, Will Miss Q1 Revenue Targets

X4 Chipset from IBM Tuned for Tigerton Quad Core Xeon MPs

The Unix Guardian
Yen Explains Sun's Chip Strategy

Hello, New York? Buy IBM

Schwartz Blogs a Bit About the Dud Rock Chip on His Desk

As I See It: The Legacy

Four Hundred Monitor
Four Hundred Monitor's
Full iSeries Events Calendar

THIS ISSUE SPONSORED BY:

LANSA
Aldon
COMMON
Computer Keyes
Twin Data



TABLE OF CONTENTS
Oracle Declares a 'Renaissance' for J.D. Edwards World

Shield Launches 'DR for the Masses'

IBM Addresses Object-Level Security with New Tool

More Details Emerge on Query/400's Java-Based Replacement

News Briefs and Product Shorts:

LogLogic 4.0: A View to a Log . . . Raz-Lee Signs BOSaNOVA to Resell Security Software . . . Ericom Supports Windows Vista with PowerTerm WebConnect . . . EXTOL's New 'EDI Appliance' Based on System i Express Model 515 . . . Global Hires Beer, Rolls Out New Web Site . . . SOAs Are Being Implemented at Large Companies, Evans Data Says . . .

Four Hundred Stuff

BACK ISSUES





 
Subscription Information:
You can unsubscribe, change your email address, or sign up for any of IT Jungle's free e-newsletters through our Web site at http://www.itjungle.com/sub/subscribe.html.

Copyright © 1996-2008 Guild Companies, Inc. All Rights Reserved.
Guild Companies, Inc., 50 Park Terrace East, Suite 8F, New York, NY 10034

Privacy Statement