Securing DB2 and Implementing MLS on z/OS

Securing DB2 and Implementing MLS on z/OS

by Chris Rayns, Doug Behrends, Rick Butler, Kirsten Ann Larsen, Maggie Lin, Glenn Yuki
Released April 2007
Publisher(s): IBM Redbooks
ISBN: None

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

Today's computing environment is subject to increasing regulatory pressures and potentially malicious attacks.

Regulatory compliance, security, and audit are in the daily headlines and growing more prominent.The security of the information to which you have been entrusted has never been more critical. The reality of compliance is too complex.

Compliance demands that you work carefully to set up a strong, comprehensive set of policies and controls. That means controls that consider operational data, financial data, unstructured data, spreadsheets, e-mail, and business intelligence data.

We have a responsibility to secure all business data and especially sensitive customer data. Security can be difficult to manage. IBM DB2 for z/OS already resides on one of the most secure platforms in the industry. IBM System z servers are routinely used by enterprises around the world to support their mission-critical applications. The mainframe's strengths in security stem in part from its history of supporting sensitive data for large enterprises, resulting in security features being built into its design for many decades. It also benefits from a system-wide approach with security capabilities built into the hardware, operating systems, databases, key middleware and more. Its highly evolved layers and security management components give it a fundamental advantage over other systems.

Table of contents

  1. Notices
    1. Trademarks
  2. Preface
    1. The team that wrote this book
    2. Become a published author
    3. Comments welcome
  3. Summary of changes
    1. March 2007, Second Edition
  4. Chapter 1: What is new in security
    1. The need for security and protection of privacy
    2. Improved and new facilities
    3. The goals of this book
  5. Chapter 2: Security labels
    1. Security labels and data classification policies
    2. Mandatory access control
    3. Discretionary access control
    4. Security levels and security categories
    5. Defining security labels
    6. Authorizing users to access security labels
    7. Using security labels
    8. Comparing security labels
    9. Security label authorization checking
    10. Using system-specific security labels in a sysplex
    11. Summary
  6. Chapter 3: MLS
    1. MLS overview
      1. What is multilevel security?
      2. Why multilevel security?
      3. Access controls
      4. Introduction to mandatory access control
      5. Multilevel security in z/OS with RACF
      6. DB2 working with multilevel security
      7. Before turning on multilevel security
      8. Multilevel security vocabulary
    2. Common Criteria
      1. IBM System z9 EC and System z9 BC and zSeries 990 achieve prestigious EAL5 assurance certification
      2. zSeries running z/OS
    3. Implementing MLS
      1. Background
      2. Defining SECLABEL names for your situation
      3. Defining resource names to RACF
      4. Defining the attributes of resources
      5. Notes from the MLS book (1/3)
      6. Notes from the MLS book (2/3)
      7. Notes from the MLS book (3/3)
  7. Chapter 4: Vanguard solution
    1. Setting up the basics
    2. Basic Vanguard Administrator navigation
      1. Standard masking
      2. Enhanced masking
      3. QuickGen
    3. Setting up the basic components
    4. Assigning default security labels to users (1/2)
    5. Assigning default security labels to users (2/2)
    6. Labeling existing resources
    7. Measuring our progress
    8. Reviewing SECLABEL use
    9. Summary
  8. Chapter 5: MLS as applied to TCP/IP communications
    1. z/OS TCP/IP and the SERVAUTH class
      1. Stack access control
      2. Network access control
      3. The notion of port of entry (POE)
    2. The MLS networking environment (1/2)
    3. The MLS networking environment (2/2)
    4. Setting up MLS for z/OS TCP/IP communications
      1. Our test configuration
      2. Our test
    5. The big theoretical picture: TCP (1/2)
    6. The big theoretical picture: TCP (2/2)
  9. Chapter 6: DB2 access control overview
    1. Authorization IDs for accessing data within DB2
      1. Processing connections
      2. Processing sign-ons
    2. DB2 managed security
    3. RACF managed security (1/4)
    4. RACF managed security (2/4)
    5. RACF managed security (3/4)
    6. RACF managed security (4/4)
  10. Chapter 7: DB2 and multilevel security
    1. Multilevel security in DB2
    2. Row-level security as a subset of multilevel security
      1. The need for row-level security
      2. DB2 solutions
      3. RACF requirements for basic SECLABEL processing
      4. Write-down in DB2
      5. DB2 row-level security implementation
      6. Accessing data in a table defined with row-level security
      7. DDL for CLONE table
      8. Summary
    3. Additional considerations about row-level security
      1. DB2 utilities and multilevel security
      2. Security labels and indexes
      3. Restrictions when using multilevel security with row granularity
      4. DB2 session variable
      5. Using views to restrict access
    4. DB2 multilevel security implementation at the object level
    5. Sample scenario
      1. Preparation steps
      2. Row-level security applied on SELECT (1/2)
      3. Row-level security applied on SELECT (2/2)
      4. Row-level security applied on INSERT (1/2)
      5. Row-level security applied on INSERT (2/2)
      6. Row-level security applied on UPDATE
      7. Row-level security applied on DELETE
      8. RACF-controlled write-down
    6. Real-world implementation
      1. Introduction
      2. Preparation suggestions
      3. A suggested procedure
      4. Designing the population process
  11. Chapter 8: Network trusted contexts and roles
    1. Existing challenges
    2. Network trusted context
      1. Trusted context DDL, catalog tables
      2. How a trusted connection comes alive and ends
      3. Authid switching within a trusted connection
    3. Roles (1/2)
    4. Roles (2/2)
    5. Trusted contexts, roles, and MLS
    6. Challenges addressed by roles and trusted contexts
    7. Role ownership of objects
      1. Plan and package ownership
      2. Ownership of other objects
    8. Communicating with other systems
    9. Roles and secondary authids
    10. IFCID support for trusted contexts and roles
    11. Examples of roles and trusted contexts
      1. Already verified DRDA requests into a DB2 server
      2. View maintenance on behalf of another user
      3. View maintenance on a view whose schema is not a user ID
      4. Backing up a DBA, assuming the identity of another user ID
      5. Securing DBA activities (1/2)
      6. Securing DBA activities (2/2)
      7. Using a temporary SYSADM role during major ERP release implementation
      8. Reducing risk of a table being dropped by another person
      9. Limiting salary updates from a single source
    12. Summary
  12. Chapter 9: A WebSphere implementation
    1. The architecture behind the application
    2. The implementation
      1. Setting up the application
      2. Setting up the application server
    3. Adding security features
      1. Propagation of user IDs to DB2
      2. Propagation of Windows user IDs to DB2 using EIM
      3. Limiting privileges in DB2 to a single requester location
      4. Improving encryption with SSL (1/2)
      5. Improving encryption with SSL (2/2)
      6. A record trace
  13. Chapter 10: RACF access control module
    1. z/OS environment
      1. Security labels
      2. RACF access control module
      3. DB2
    2. Scenarios
      1. Scenario 1: SETR MLS not active
      2. Scenario 2: SETR MLS active
      3. Scenario 3: SETR MLS not active, RACF profile protection used
      4. Scenario 4: SETR MLS not active, RACF profile protection with SECLABELs in profiles
      5. Scenario 5: SETR MLS active, RACF profile protecting without SECLABELs in profile
      6. Scenario 6: SETR MLS and SETR MLACTIVE active, RACF profile protection
      7. Scenario 7: SETR MLS active, RACF profile protection used with special SECLABELs in profiles
    3. Conclusion
  14. Appendix A: Trusted context syntax (1/3)
  15. Appendix A: Trusted context syntax (2/3)
  16. Appendix A: Trusted context syntax (3/3)
  17. Appendix B: RACF options that control the use of security labels
    1. COMPATMODE and NOCOMPATMODE
    2. MLACTIVE and NOMLACTIVE
    3. MLFSOBJ
    4. MLIPCOBJ
    5. MLNAMES and NOMLNAMES
    6. MLQUIET and NOMLQUIET
    7. MLS and NOMLS
    8. MLSTABLE and NOMLSTABLE
    9. SECLABELAUDIT and NOSECLABELAUDIT
    10. SECLABELCONTROL and NOSECLABELCONTROL
    11. SECLBYSYSTEM and NOSECLBYSYSTEM
  18. Appendix C: Enterprise Identity Mapping
    1. The problem
      1. The benefits of the EIM approach
      2. Recent enhancements to EIM
      3. The EIM implementation concepts
      4. EIM components
    2. The EIM domain controller
      1. Overview of EIM interactions
      2. Content of the EIM domain controller
      3. Access controls to the EIM domain controller and its contents
      4. Setting up the LDAP directory to act as an EIM domain controller
    3. The EIM client
  19. Related publications
    1. IBM Redbooks
    2. Other publications
    3. Online resources
    4. How to get IBM Redbooks
    5. Help from IBM
  20. Index (1/3)
  21. Index (2/3)
  22. Index (3/3)
  23. Back cover

Product information

  • Title: Securing DB2 and Implementing MLS on z/OS
  • Author(s): Chris Rayns, Doug Behrends, Rick Butler, Kirsten Ann Larsen, Maggie Lin, Glenn Yuki
  • Release date: April 2007
  • Publisher(s): IBM Redbooks
  • ISBN: None