
Introduction to the new mainframe: Large-Scale Commercial Computing

Chapter 4: Integrity and security

© Copyright IBM Corp., 2006. All rights reserved.

Introduction to the new mainframe

Chapter objectives

After completing this chapter, you will be able to:

Describe the security and integrity needs of a large-scale operating environment

Describe the methods for serialization in a multi-user environment

Describe the built-in features that enable integrity and security

Describe the two-phase commit process and why it is needed

Describe the features needed from an add-on security package



Integrity

1. Data Integrity – Primarily concerned with the accidental damage and recovery of data.

2. System Integrity – Ensures there is no way for any unauthorized program to:

• Bypass store or fetch protection
• Bypass security checking
• Obtain control in an authorized state


Serialization

Serialization means that a resource is used on a one-at-a-time basis. Methods to prevent concurrent updates:

• Enqueuing
• Reserves
• Locks
• Global Resource Serialization (GRS)


Serialization - GRS


DFSMS

DFSMS is the component of the operating system that controls all data set allocation and provides automatic backup of the data. The DFSMS constructs:

• Data class
• Storage class
• Management class
• Storage group
• ACS routines
• Aggregate group
• Copy pools


SMS Constructs


Auditing

Auditing is the process of ensuring that the information processing system complies with the installation security policy.

Auditing may be:

• A one-time project (e.g., a snap inspection), or
• An ongoing process

System Management Facilities (SMF): writes audit records to DASD

System Logger: logs changes to data


Resource Recovery Services (RRS)

RRS is the coordinating resource manager that ensures that all updates to the different data stores are correctly coordinated and that data integrity is maintained.


RRS – Two-phase commit

[Figure: two-phase commit flow between an application, Resource Recovery Services (RRS), and Resource Manager 1, Resource Manager 2 and Resource Manager 3]
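The two-phase commit protocol that RRS coordinates, as an added illustrative model (not IBM's RRS code): a coordinator standing in for RRS drives three resource managers through a prepare (vote) phase and then either a commit or a backout phase. The resource manager names, the `fail_prepare` flag and the in-memory data are constructed for the example.

```python
# Added illustrative model of two-phase commit, with a coordinator standing in
# for RRS and three resource managers (names and data are constructed; this is
# not IBM's RRS implementation).

class ResourceManager:
    """Holds committed data plus a pending update that survives only if committed."""
    def __init__(self, name, fail_prepare=False):
        self.name = name
        self.committed = {}            # durable state visible after commit
        self.pending = {}              # update staged during phase 1 only
        self.fail_prepare = fail_prepare
        self.log = []                  # protocol steps seen by this RM

    def prepare(self, update):
        # Phase 1: stage the update and vote; one NO vote forces a global backout.
        self.pending = dict(update)
        vote = "NO" if self.fail_prepare else "YES"
        self.log.append(f"prepare -> {vote}")
        return vote == "YES"

    def commit(self):
        # Phase 2 after unanimous YES: make the staged update durable.
        self.committed.update(self.pending)
        self.pending = {}
        self.log.append("commit")

    def backout(self):
        # Phase 2 after any NO: discard the staged update.
        self.pending = {}
        self.log.append("backout")

def two_phase_commit(managers, update):
    """Coordinator (the RRS role). Returns True if all RMs committed, False if all backed out."""
    votes = [rm.prepare(update) for rm in managers]   # phase 1: collect votes
    if all(votes):
        for rm in managers:                           # phase 2: commit everywhere
            rm.commit()
        return True
    for rm in managers:            # phase 2: back out everywhere, even RMs that voted YES
        rm.backout()
    return False

def run_demo(third_rm_fails):
    """One unit of recovery across three RMs; returns (outcome, committed data, logs)."""
    rms = [ResourceManager("RM1"), ResourceManager("RM2"),
           ResourceManager("RM3", fail_prepare=third_rm_fails)]
    ok = two_phase_commit(rms, {"account": 100})
    return ok, [rm.committed for rm in rms], [rm.log for rm in rms]
```

With `third_rm_fails=True` the update is discarded by all three managers, which is the property the coordinator exists to guarantee: no data store ends up with a partial update.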


Data backup and recovery

The choice depends on the needs of the company. Some tools:

• FlashCopy (on one subsystem)
• Remote Copy
  • Metro Mirror
  • Global Copy
  • Global Mirror
  • Global Mirror for IBM System z
• Other backup and recovery solutions


Data backup and recovery : FlashCopy


Data backup and recovery : Remote Copy


Data backup and recovery : Metro Mirror

When the application performs a write update operation to a primary volume, this is what happens:

1. Write to primary volume (DS6000 cache and NVS).
2. Write to secondary (DS6000 cache and NVS).
3. Signal write complete on the secondary DS6000.
4. Post I/O complete to host server.


Data backup and recovery: Global Copy

The primary and secondary copies can be separated by any distance. The process is as follows:

1. The host server requests a write I/O to the primary DS6000. The write is staged through cache and non-volatile storage (NVS).
2. The write returns to the host server's application.
3. At a later time, that is, in a non-synchronous manner, the primary DS6000 sends the necessary data so that the updates are reflected on the secondary volumes. The updates are grouped in batches for efficient transmission.
4. The secondary DS6000 returns write complete to the primary DS6000 when the updates are secured in the secondary DS6000 cache and NVS. The primary DS6000 then resets its change recording information.


Data backup and recovery:

Global Mirror

Global Mirror for IBM System z

Other backup and recovery solutions:

• Data set level
• Volume level
• Application level


Security: IBM System z partitioning achieves highest certification

• System Z servers achieve Common Criteria Security Certification Evaluation Assurance Level 5.

ATTENTION: Only the IBM mainframe partitions have attained an EAL5 rating.

• The U.S. Government had rated the mainframe EAL4+.

• PR/SM configures separate logical systems on the same hardware. It prevents the flow of information among logical partitions, providing a highly secure, isolated environment.


z/OS Architecture: Enforced Isolation

[Figure: address spaces in virtual storage (memory) mapped onto physical storage, that is, real storage frames]

Address Spaces - Unique area for executing and storing data for each user or program.

Frames – 4096-byte chunks of storage, protected by storage keys.


z/OS System Security Mechanisms

Supervisor Call Routine (SVC): Authorized program code to perform system-level functions.

Problem State: Most modules run in this state.

Supervisor State: Only operating system modules run in this state.

Authorized Program Facility (APF): 1. Limits the use of sensitive SVCs to authorized programs. 2. Ensures that all modules fetched by authorized programs come only from authorized libraries.

Storage Protection Keys: Keys 0-7 are system keys and can only be obtained by programs in supervisor state. Keys 8-15 are user keys.

Authorized Program: Any program that runs in supervisor state, with APF authorization, or with a storage key in the range 0-7.


z/OS System Security

An attribute of z/OS such that there is no way for an unauthorized program:

• To bypass store or fetch protection,
• To bypass password, RACF, or System Authorization Facility (SAF) mediated security checking, or
• To obtain control in an authorized state.


z/OS Security

Accessor Environment Element (ACEE): Operating system control block which is assigned when a user logs on to the system and is used for authentication and auditing.

System Authorization Facility (SAF): Operating system function which provides security for resources. It is called for every access attempt, and access is either granted or denied. External security products such as Top Secret and RACF are used to define users, resources and access levels.

z/OS Security Server (RACF): Optional z/OS feature that provides additional security enhancements.


z/OS Certification

On March 11, 2005, BSI awarded IBM EAL3+ certification for its flagship operating system z/OS 1.6 with the RACF optional feature.

The certification encompasses Controlled Access Protection Profile (CAPP) EAL3+ and Labeled Security Protection Profile (LSPP) EAL3+. z/OS 1.5 and later with the RACF optional feature and DB2 Version 8 provide a multilevel security (MLS) solution.


Functions provided by z/OS Security Server

Traditional functions:

1. Identify and authenticate users.
2. Authorize users to protected resources.
3. Control users' level of authorization to resources.
4. Log and report unauthorized access attempts.
5. Provide auditing functions.

Newer functions:

1. Generation and management of digital certificates.
2. Multilevel security.


Summary

The New Mainframe:

• Has several ways to guarantee the integrity of the data
• Ensures data can be recovered when needed
• Has several ways to make sure that the data is safe and secure


Key terms in this chapter

• ACEE
• APF
• Audit
• Backup
• DFSMS
• EAL
• ENQ
• FlashCopy
• Global Mirror
• GRS
• Integrity
• Lock
• Program states
• RACF
• Remote Copy
• RRS
• SAF
• Security
• Serialization
• SMF
• SMS
• Storage protect key
• SVC
• System logger
• Two-phase commit
