SlideShare ist ein Scribd-Unternehmen logo

The Mainframe's Role in Enterprise Security Management - Jean-Marc Darees

NRB
NRB

We are expecting more and more from our IBM z Systems. Our critical data and applications are nested in our IBM z Systems infrastructure, and more than ever it positions itself as the security hub. It now exports services to secure distributed environment thanks to its security as a services capabilities. During this lecture, Mr Darées talks about z Systems Roles for security in most of today’s hot topics (compliance, Database encryption, Tokenization, Digital Certificates, ...).

Technologie
1 von 19
Downloaden Sie, um offline zu lesen
© Copyright IBM Corporation 2016. The Mainframe’s Role in Enterprise Security Management Jean Marc Darées IT Architect, Security on IBM z Systems
1© Copyright IBM Corporation 2016 • End to end security • Crypto Monster • Security certification Agenda
2© Copyright IBM Corporation 2016 Security leaders are more accountable than ever before Source: Discussions with more than 13,000 C-suite executives as part of the IBM C-suite Study Series Loss of market share and reputation Legal exposure Audit failure Fines and criminal charges Financial loss Loss of data confidentiality, integrity and/or availability Violation of employee privacy Loss of customer trust Loss of brand reputation CEO CFO/COO CIO CHRO CMO Security a must for the Business
3© Copyright IBM Corporation 2016 Security Projects use z Systems features. Security in the core of the mainframe design
4© Copyright IBM Corporation 2016 © Copyright IBM Corporation 2015 System Z unique: the full portfolio End to End security • IDENTITY & ACCESS • Enable secure collaboration with internal and external users with controlled and secure access to information, applications and assets • DATA SECURITY • Protect and secure your data and information assets • APPLICATION SECURITY • Continuously manage, monitor and audit application security • INFRASTRUCTURE SECURITY • Comprehensive threat and vulnerability management across networks, servers and end-points • SECURITY COMPLIANCE • Demonstrable policy enforcement aligned to regulations, standards, laws, agreements (PCI, FISMA, etc..)
5© Copyright IBM Corporation 2016 RACF Enables application and database security without modifying applications Can reduce security complexity and expense: • Central security process that is easy to apply to new workloads or as user base increases • Tracks activity to address audit and compliance requirements Hardware Architecture z/OS Networks Data & Applications Administration Authentication Authorization Administration Auditing Resource Access Control Facility (RACF) IDENTITY & ACCESS EAL5: https://www.bsi.bund.de/ContentBSI/EN/Topics/Certification/newcertificates.html
6© Copyright IBM Corporation 2016 z/OS PKI Services : Ready to use on zOS IDENTITY & ACCESS
7© Copyright IBM Corporation 2016 Execute what you trust !!! APPLICATION SECURITY Code signing • Code signing for Program Objects in PDSEs • Support in Program Management Binder & Loader • System SSL support for a new mode of operation designed to meet NIST FIPS 140-2 Level 1 criteria • AT-TLS support for FIPS 140-2
8© Copyright IBM Corporation 2016 HW Crypto in z Systems DATA SECURITY/ INFRASTRUCTURE SECURITY/IDENTITY & ACCESS CPC Drawer Smart Cards Crypto Express5S Smart Card Readers PU SCM Each PU is capable of having the CPACF function PCIe I/O drawers Trusted Key Entry (TKE) TKE required for management of Crypto Express5S and EP11 FIPS 140-2 Level 4
9© Copyright IBM Corporation 2016 Secured Connections Security Projects can count on z Systems features. We are expecting more and more from our Mainframe
10© Copyright IBM Corporation 2016 z13 a Crypto monster … RSA-AES-128-GCM-SHA256 TLS 1.2 0,0 5000,0 10000,0 15000,0 20000,0 25000,0 30000,0 Software 1 Acc 2 Acc 3 Acc 4 Acc 5 Acc 6 Acc RSA-2048 SSL HS/s - Crypto Card Scalability Software 1 Acc 2 Acc 3 Acc 4 Acc 5 Acc 6 Acc
11© Copyright IBM Corporation 2016 Database Encryption & Data Tokenization Security Projects can count on z Systems features. DATA SECURITY
12© Copyright IBM Corporation 2016 Encryption on DB2 / IMS : Easy, Efficient , No change • No need to change your application with z/OS Infosphere Guardium Encryption for DB2 & IMS. • Prefect integration with the IDENTITY & ACCESS management RACF • Prefect integration with the zOS Cryptographic function ICSF • Low performance impact thanks to the crypto hardware accelerator CPACF
13© Copyright IBM Corporation 2016 Complete Key Management solution • Dual control for access /Separation of duties • Restrict access to cryptographic keys to the fewest number of custodians necessary. • Store cryptographic keys securely in the fewest possible locations and forms • Secure cryptographic key storage: tamper responsive cryptographic hardware • Cryptographic key changes for keys that have reached the end of their crypto period (key rotation) • Fully document and implement all key- management processes and procedures for cryptographic keys. • Key changes in accordance with recommended crypto periods (ie. NIST SP800-57) • Audit trails for all key management operations EKMF EKMF Browsers EKMF Workstation
14© Copyright IBM Corporation 2016 Tokenization's solution are available on z Irreversible Tokens Irreversible tokens can never be converted back to the original PAN. It is not possible in any circumstance for any party to obtain a PAN from its irreversible token, either through analysis or from any kind of stored data extraction. Authenticatable Irreversible Non Authenticatable Irreversible Reversible Tokens Reversible tokens provide the possibility for entities using or producing tokens to obtain the original PAN from the token. Reversible tokens have the potential to become a PAN again by the process of de-tokenization. Reversible tokens can be mapped to a unique PAN or multiple tokens may map back to the same PAN depending on technology used. If it is technically possible for a token to be de-tokenized, a product is considered to be a reversible tokenization product even if the entity producing the tokens does not intend to permit de- tokenization. Reversible Cryptographic Reversible Non-Cryptographic Tokens Mainframe Technologies Available Performances SHA512 = 3,5GB/s / C Security CEX5S as Co- ProcesMainframe Granularity CPACF, CEX5S APIs z/OS, zLinux, APIM Standards SHA, SHA256, SHA384, SHA512, SHA3
15© Copyright IBM Corporation 2016 z Systems Security Certifications z/OS z/VM Linux Linux Linux Virtualization with partitions Cryptography  z13 Common Criteria evaluation −Common Criteria EAL5+ with specific target of evaluation -- LPAR: Logical partitions  Crypto Express5 Coprocessor −FIPS 140-2 level 4 −Approved by German ZKA −  CP Assist −FIPS 197 (AES) −FIPS 46-3 (TDES) −FIPS 180-3 (Secure Hash) The IBM z13 is designed for Common Criteria Evaluation Assurance Level 5+ certification for security of logical partitions. The Common Criteria program establishes an organizational and technical framework to evaluate the trustworthiness of IT Products and protection profiles z/VM  Common Criteria − z/VM V6.1 is EAL 4+ for OSPP  z/VM V6.3 System SSL FIPS 140-2 certification pending.  System Integrity Statement z/OS  Common Criteria EAL4+ − with CAPP and LSPP − z/OS V1.7  V1.10 + RACF − z/OS V1.11 + RACF (OSPP) − z/OS V1.12, z/OS V1.13, − z/OS V2R1 (OSPP) Sept ‘14  Common Criteria EAL5+ − RACF V1R12 (OSPP) − RACF V1R13 (OSPP) − RACF V2R1 OSPP  z/OS 1.10 IPv6 Certification by JITC  IdenTrust™ certification for z/OS PKI Services  FIPS 140-2 − System SSL z/OS V1.10  V1.13 − z/OS ICSF PKCS#11 Services • z/OS V1.11  z/OS V1.13  Statement of Integrity Linux on z Systems  Common Criteria − SUSE SLES11 SP2 certified at EAL4+ with OSPP − Red Hat EL6.2 EAL4+ with CAPP and LSPP  OpenSSL - FIPS 140-2 Level 1 Validated  CP Assist - SHA-1 validated for FIPS 180-1 - DES & TDES validated for FIPS 46-3
16© Copyright IBM Corporation 2016 • End to end • With Optimum performance • With Latest Security certifications Security on Mainframe :
© Copyright IBM Corporation 2016.
18© Copyright IBM Corporation 2016 © Copyright IBM Corporation 2015 Join us in Montpellier at the IBM System z Security Conference and enhance your security skills to achieve your security projects September 27/ 30th Montpellier France 2016

Empfohlen

Mainframe Day 2016 - Wrap up of the day - Henri Arnold
Mainframe Day 2016 - Wrap up of the day - Henri ArnoldMainframe Day 2016 - Wrap up of the day - Henri Arnold
Mainframe Day 2016 - Wrap up of the day - Henri ArnoldNRB
 
z Systems redefining Enterprise IT for digital business - Alain Poquillon
z Systems redefining Enterprise IT for digital business - Alain Poquillonz Systems redefining Enterprise IT for digital business - Alain Poquillon
z Systems redefining Enterprise IT for digital business - Alain PoquillonNRB
 
Outsourcing SDWorx Mainframe environment - Lily Craps
Outsourcing SDWorx Mainframe environment - Lily CrapsOutsourcing SDWorx Mainframe environment - Lily Craps
Outsourcing SDWorx Mainframe environment - Lily CrapsNRB
 
State of the Mainframe for 2017
State of the Mainframe for 2017State of the Mainframe for 2017
State of the Mainframe for 2017Precisely
 
NRB - BE MAINFRAME DAY 2017 - Wrap up
NRB - BE MAINFRAME DAY 2017 - Wrap upNRB - BE MAINFRAME DAY 2017 - Wrap up
NRB - BE MAINFRAME DAY 2017 - Wrap upNRB
 
E3: Edge and Cloud Connectivity (Predix Transform 2016)
E3: Edge and Cloud Connectivity (Predix Transform 2016)E3: Edge and Cloud Connectivity (Predix Transform 2016)
E3: Edge and Cloud Connectivity (Predix Transform 2016)Predix
 
Introducing MFX for z/OS 2.1 & ZPSaver Suite
Introducing MFX for z/OS 2.1 & ZPSaver SuiteIntroducing MFX for z/OS 2.1 & ZPSaver Suite
Introducing MFX for z/OS 2.1 & ZPSaver SuitePrecisely
 
IND3: Predix for Transportation (Predix Transform 2016)
IND3: Predix for Transportation (Predix Transform 2016)IND3: Predix for Transportation (Predix Transform 2016)
IND3: Predix for Transportation (Predix Transform 2016)Predix
 

Empfohlen

Mainframe Day 2016 - Wrap up of the day - Henri Arnold
Mainframe Day 2016 - Wrap up of the day - Henri ArnoldMainframe Day 2016 - Wrap up of the day - Henri Arnold
Mainframe Day 2016 - Wrap up of the day - Henri ArnoldNRB
 
z Systems redefining Enterprise IT for digital business - Alain Poquillon
z Systems redefining Enterprise IT for digital business - Alain Poquillonz Systems redefining Enterprise IT for digital business - Alain Poquillon
z Systems redefining Enterprise IT for digital business - Alain PoquillonNRB
 
Outsourcing SDWorx Mainframe environment - Lily Craps
Outsourcing SDWorx Mainframe environment - Lily CrapsOutsourcing SDWorx Mainframe environment - Lily Craps
Outsourcing SDWorx Mainframe environment - Lily CrapsNRB
 
State of the Mainframe for 2017
State of the Mainframe for 2017State of the Mainframe for 2017
State of the Mainframe for 2017Precisely
 
NRB - BE MAINFRAME DAY 2017 - Wrap up
NRB - BE MAINFRAME DAY 2017 - Wrap upNRB - BE MAINFRAME DAY 2017 - Wrap up
NRB - BE MAINFRAME DAY 2017 - Wrap upNRB
 
E3: Edge and Cloud Connectivity (Predix Transform 2016)
E3: Edge and Cloud Connectivity (Predix Transform 2016)E3: Edge and Cloud Connectivity (Predix Transform 2016)
E3: Edge and Cloud Connectivity (Predix Transform 2016)Predix
 
Introducing MFX for z/OS 2.1 & ZPSaver Suite
Introducing MFX for z/OS 2.1 & ZPSaver SuiteIntroducing MFX for z/OS 2.1 & ZPSaver Suite
Introducing MFX for z/OS 2.1 & ZPSaver SuitePrecisely
 
IND3: Predix for Transportation (Predix Transform 2016)
IND3: Predix for Transportation (Predix Transform 2016)IND3: Predix for Transportation (Predix Transform 2016)
IND3: Predix for Transportation (Predix Transform 2016)Predix
 
IIA8: Smartsignal Goes Microservices (Predix Transform 2016)
IIA8: Smartsignal Goes Microservices (Predix Transform 2016)IIA8: Smartsignal Goes Microservices (Predix Transform 2016)
IIA8: Smartsignal Goes Microservices (Predix Transform 2016)Predix
 
D02: Performance Engineering and Testing of Predix Apps (Predix Transform 2016)
D02: Performance Engineering and Testing of Predix Apps (Predix Transform 2016)D02: Performance Engineering and Testing of Predix Apps (Predix Transform 2016)
D02: Performance Engineering and Testing of Predix Apps (Predix Transform 2016)Predix
 
Cloud Foundry Summit 2015: Cloud Foundry and IoT Protocol Support
Cloud Foundry Summit 2015: Cloud Foundry and IoT Protocol SupportCloud Foundry Summit 2015: Cloud Foundry and IoT Protocol Support
Cloud Foundry Summit 2015: Cloud Foundry and IoT Protocol SupportVMware Tanzu
 
PEM2: Control Applications Portfolio from GE Power
PEM2: Control Applications Portfolio from GE PowerPEM2: Control Applications Portfolio from GE Power
PEM2: Control Applications Portfolio from GE PowerPredix
 
PAM1: Managing Assets at Scale
PAM1: Managing Assets at ScalePAM1: Managing Assets at Scale
PAM1: Managing Assets at ScalePredix
 
Edge and 5G: What is in it for the developers?
Edge and 5G: What is in it for the developers?Edge and 5G: What is in it for the developers?
Edge and 5G: What is in it for the developers?Michelle Holley
 
D4: Predix Cool Features (Predix Transform 2016)
D4: Predix Cool Features (Predix Transform 2016) D4: Predix Cool Features (Predix Transform 2016)
D4: Predix Cool Features (Predix Transform 2016) Predix
 
Extent 2013 Obninsk High Performance Messaging
Extent 2013 Obninsk High Performance MessagingExtent 2013 Obninsk High Performance Messaging
Extent 2013 Obninsk High Performance Messagingextentconf Tsoy
 
Pas3 Tenancy Design Patterns (Predix Transform 2016)
Pas3 Tenancy Design Patterns (Predix Transform 2016)Pas3 Tenancy Design Patterns (Predix Transform 2016)
Pas3 Tenancy Design Patterns (Predix Transform 2016)ferminordaz
 
NRB MAINFRAME DAY 05 - Paul Pilotto - How to extract business rules from Lega...
NRB MAINFRAME DAY 05 - Paul Pilotto - How to extract business rules from Lega...NRB MAINFRAME DAY 05 - Paul Pilotto - How to extract business rules from Lega...
NRB MAINFRAME DAY 05 - Paul Pilotto - How to extract business rules from Lega...NRB
 
Big Data Analytics for Real-time Operational Intelligence with Your z/OS Data
Big Data Analytics for Real-time Operational Intelligence with Your z/OS DataBig Data Analytics for Real-time Operational Intelligence with Your z/OS Data
Big Data Analytics for Real-time Operational Intelligence with Your z/OS DataPrecisely
 
IIA1: Industrial Control Systems 101 (Predix Transform 2016)
IIA1: Industrial Control Systems 101 (Predix Transform 2016)IIA1: Industrial Control Systems 101 (Predix Transform 2016)
IIA1: Industrial Control Systems 101 (Predix Transform 2016)Predix
 
E4: Building Your First Predix App (Predix Transform 2016)
E4: Building Your First Predix App (Predix Transform 2016)E4: Building Your First Predix App (Predix Transform 2016)
E4: Building Your First Predix App (Predix Transform 2016)Predix
 
inmation Presentation_2017
inmation Presentation_2017inmation Presentation_2017
inmation Presentation_2017inmation Software GmbH
 
PCF1: Cloud Foundry Diego ( Predix Transform 2016)
PCF1: Cloud Foundry Diego ( Predix Transform 2016)PCF1: Cloud Foundry Diego ( Predix Transform 2016)
PCF1: Cloud Foundry Diego ( Predix Transform 2016)Predix
 
Why and How to Monitor App Performance in Azure
Why and How to Monitor App Performance in AzureWhy and How to Monitor App Performance in Azure
Why and How to Monitor App Performance in AzureIan Downard
 
Riverbed Performance Management
Riverbed Performance ManagementRiverbed Performance Management
Riverbed Performance ManagementCTI Group
 
Riverbed Remote Office/Branch Office IT Survey
Riverbed Remote Office/Branch Office IT SurveyRiverbed Remote Office/Branch Office IT Survey
Riverbed Remote Office/Branch Office IT SurveyRiverbed Technology
 
Closed Loop Platform Automation - Tong Zhong & Emma Collins
Closed Loop Platform Automation - Tong Zhong & Emma CollinsClosed Loop Platform Automation - Tong Zhong & Emma Collins
Closed Loop Platform Automation - Tong Zhong & Emma CollinsLiz Warner
 
SAP HANA on POWER9 systems
SAP HANA on POWER9 systemsSAP HANA on POWER9 systems
SAP HANA on POWER9 systemsGanesan Narayanasamy
 
3 Steps to Security Intelligence - How to Build a More Secure Enterprise
3 Steps to Security Intelligence - How to Build a More Secure Enterprise3 Steps to Security Intelligence - How to Build a More Secure Enterprise
3 Steps to Security Intelligence - How to Build a More Secure EnterpriseIBM Security
 
Enterprise security architecture using ibm tivoli security solutions sg246014
Enterprise security architecture using ibm tivoli security solutions sg246014Enterprise security architecture using ibm tivoli security solutions sg246014
Enterprise security architecture using ibm tivoli security solutions sg246014Banking at Ho Chi Minh city
 

Weitere ähnliche Inhalte

Was ist angesagt?

IIA8: Smartsignal Goes Microservices (Predix Transform 2016)
IIA8: Smartsignal Goes Microservices (Predix Transform 2016)IIA8: Smartsignal Goes Microservices (Predix Transform 2016)
IIA8: Smartsignal Goes Microservices (Predix Transform 2016)Predix
 
D02: Performance Engineering and Testing of Predix Apps (Predix Transform 2016)
D02: Performance Engineering and Testing of Predix Apps (Predix Transform 2016)D02: Performance Engineering and Testing of Predix Apps (Predix Transform 2016)
D02: Performance Engineering and Testing of Predix Apps (Predix Transform 2016)Predix
 
Cloud Foundry Summit 2015: Cloud Foundry and IoT Protocol Support
Cloud Foundry Summit 2015: Cloud Foundry and IoT Protocol SupportCloud Foundry Summit 2015: Cloud Foundry and IoT Protocol Support
Cloud Foundry Summit 2015: Cloud Foundry and IoT Protocol SupportVMware Tanzu
 
PEM2: Control Applications Portfolio from GE Power
PEM2: Control Applications Portfolio from GE PowerPEM2: Control Applications Portfolio from GE Power
PEM2: Control Applications Portfolio from GE PowerPredix
 
PAM1: Managing Assets at Scale
PAM1: Managing Assets at ScalePAM1: Managing Assets at Scale
PAM1: Managing Assets at ScalePredix
 
Edge and 5G: What is in it for the developers?
Edge and 5G: What is in it for the developers?Edge and 5G: What is in it for the developers?
Edge and 5G: What is in it for the developers?Michelle Holley
 
D4: Predix Cool Features (Predix Transform 2016)
D4: Predix Cool Features (Predix Transform 2016) D4: Predix Cool Features (Predix Transform 2016)
D4: Predix Cool Features (Predix Transform 2016) Predix
 
Extent 2013 Obninsk High Performance Messaging
Extent 2013 Obninsk High Performance MessagingExtent 2013 Obninsk High Performance Messaging
Extent 2013 Obninsk High Performance Messagingextentconf Tsoy
 
Pas3 Tenancy Design Patterns (Predix Transform 2016)
Pas3 Tenancy Design Patterns (Predix Transform 2016)Pas3 Tenancy Design Patterns (Predix Transform 2016)
Pas3 Tenancy Design Patterns (Predix Transform 2016)ferminordaz
 
NRB MAINFRAME DAY 05 - Paul Pilotto - How to extract business rules from Lega...
NRB MAINFRAME DAY 05 - Paul Pilotto - How to extract business rules from Lega...NRB MAINFRAME DAY 05 - Paul Pilotto - How to extract business rules from Lega...
NRB MAINFRAME DAY 05 - Paul Pilotto - How to extract business rules from Lega...NRB
 
Big Data Analytics for Real-time Operational Intelligence with Your z/OS Data
Big Data Analytics for Real-time Operational Intelligence with Your z/OS DataBig Data Analytics for Real-time Operational Intelligence with Your z/OS Data
Big Data Analytics for Real-time Operational Intelligence with Your z/OS DataPrecisely
 
IIA1: Industrial Control Systems 101 (Predix Transform 2016)
IIA1: Industrial Control Systems 101 (Predix Transform 2016)IIA1: Industrial Control Systems 101 (Predix Transform 2016)
IIA1: Industrial Control Systems 101 (Predix Transform 2016)Predix
 
E4: Building Your First Predix App (Predix Transform 2016)
E4: Building Your First Predix App (Predix Transform 2016)E4: Building Your First Predix App (Predix Transform 2016)
E4: Building Your First Predix App (Predix Transform 2016)Predix
 
PCF1: Cloud Foundry Diego ( Predix Transform 2016)
PCF1: Cloud Foundry Diego ( Predix Transform 2016)PCF1: Cloud Foundry Diego ( Predix Transform 2016)
PCF1: Cloud Foundry Diego ( Predix Transform 2016)Predix
 
Why and How to Monitor App Performance in Azure
Why and How to Monitor App Performance in AzureWhy and How to Monitor App Performance in Azure
Why and How to Monitor App Performance in AzureIan Downard
 
Riverbed Performance Management
Riverbed Performance ManagementRiverbed Performance Management
Riverbed Performance ManagementCTI Group
 
Riverbed Remote Office/Branch Office IT Survey
Riverbed Remote Office/Branch Office IT SurveyRiverbed Remote Office/Branch Office IT Survey
Riverbed Remote Office/Branch Office IT SurveyRiverbed Technology
 
Closed Loop Platform Automation - Tong Zhong & Emma Collins
Closed Loop Platform Automation - Tong Zhong & Emma CollinsClosed Loop Platform Automation - Tong Zhong & Emma Collins
Closed Loop Platform Automation - Tong Zhong & Emma CollinsLiz Warner
 

Was ist angesagt? (20)

IIA8: Smartsignal Goes Microservices (Predix Transform 2016)
IIA8: Smartsignal Goes Microservices (Predix Transform 2016)IIA8: Smartsignal Goes Microservices (Predix Transform 2016)
IIA8: Smartsignal Goes Microservices (Predix Transform 2016)
 
D02: Performance Engineering and Testing of Predix Apps (Predix Transform 2016)
D02: Performance Engineering and Testing of Predix Apps (Predix Transform 2016)D02: Performance Engineering and Testing of Predix Apps (Predix Transform 2016)
D02: Performance Engineering and Testing of Predix Apps (Predix Transform 2016)
 
Cloud Foundry Summit 2015: Cloud Foundry and IoT Protocol Support
Cloud Foundry Summit 2015: Cloud Foundry and IoT Protocol SupportCloud Foundry Summit 2015: Cloud Foundry and IoT Protocol Support
Cloud Foundry Summit 2015: Cloud Foundry and IoT Protocol Support
 
PEM2: Control Applications Portfolio from GE Power
PEM2: Control Applications Portfolio from GE PowerPEM2: Control Applications Portfolio from GE Power
PEM2: Control Applications Portfolio from GE Power
 
PAM1: Managing Assets at Scale
PAM1: Managing Assets at ScalePAM1: Managing Assets at Scale
PAM1: Managing Assets at Scale
 
Edge and 5G: What is in it for the developers?
Edge and 5G: What is in it for the developers?Edge and 5G: What is in it for the developers?
Edge and 5G: What is in it for the developers?
 
D4: Predix Cool Features (Predix Transform 2016)
D4: Predix Cool Features (Predix Transform 2016) D4: Predix Cool Features (Predix Transform 2016)
D4: Predix Cool Features (Predix Transform 2016)
 
Extent 2013 Obninsk High Performance Messaging
Extent 2013 Obninsk High Performance MessagingExtent 2013 Obninsk High Performance Messaging
Extent 2013 Obninsk High Performance Messaging
 
Pas3 Tenancy Design Patterns (Predix Transform 2016)
Pas3 Tenancy Design Patterns (Predix Transform 2016)Pas3 Tenancy Design Patterns (Predix Transform 2016)
Pas3 Tenancy Design Patterns (Predix Transform 2016)
 
NRB MAINFRAME DAY 05 - Paul Pilotto - How to extract business rules from Lega...
NRB MAINFRAME DAY 05 - Paul Pilotto - How to extract business rules from Lega...NRB MAINFRAME DAY 05 - Paul Pilotto - How to extract business rules from Lega...
NRB MAINFRAME DAY 05 - Paul Pilotto - How to extract business rules from Lega...
 
Big Data Analytics for Real-time Operational Intelligence with Your z/OS Data
Big Data Analytics for Real-time Operational Intelligence with Your z/OS DataBig Data Analytics for Real-time Operational Intelligence with Your z/OS Data
Big Data Analytics for Real-time Operational Intelligence with Your z/OS Data
 
IIA1: Industrial Control Systems 101 (Predix Transform 2016)
IIA1: Industrial Control Systems 101 (Predix Transform 2016)IIA1: Industrial Control Systems 101 (Predix Transform 2016)
IIA1: Industrial Control Systems 101 (Predix Transform 2016)
 
E4: Building Your First Predix App (Predix Transform 2016)
E4: Building Your First Predix App (Predix Transform 2016)E4: Building Your First Predix App (Predix Transform 2016)
E4: Building Your First Predix App (Predix Transform 2016)
 
inmation Presentation_2017
inmation Presentation_2017inmation Presentation_2017
inmation Presentation_2017
 
PCF1: Cloud Foundry Diego ( Predix Transform 2016)
PCF1: Cloud Foundry Diego ( Predix Transform 2016)PCF1: Cloud Foundry Diego ( Predix Transform 2016)
PCF1: Cloud Foundry Diego ( Predix Transform 2016)
 
Why and How to Monitor App Performance in Azure
Why and How to Monitor App Performance in AzureWhy and How to Monitor App Performance in Azure
Why and How to Monitor App Performance in Azure
 
Riverbed Performance Management
Riverbed Performance ManagementRiverbed Performance Management
Riverbed Performance Management
 
Riverbed Remote Office/Branch Office IT Survey
Riverbed Remote Office/Branch Office IT SurveyRiverbed Remote Office/Branch Office IT Survey
Riverbed Remote Office/Branch Office IT Survey
 
Closed Loop Platform Automation - Tong Zhong & Emma Collins
Closed Loop Platform Automation - Tong Zhong & Emma CollinsClosed Loop Platform Automation - Tong Zhong & Emma Collins
Closed Loop Platform Automation - Tong Zhong & Emma Collins
 
SAP HANA on POWER9 systems
SAP HANA on POWER9 systemsSAP HANA on POWER9 systems
SAP HANA on POWER9 systems
 

Andere mochten auch

3 Steps to Security Intelligence - How to Build a More Secure Enterprise
3 Steps to Security Intelligence - How to Build a More Secure Enterprise3 Steps to Security Intelligence - How to Build a More Secure Enterprise
3 Steps to Security Intelligence - How to Build a More Secure EnterpriseIBM Security
 
Enterprise security architecture using ibm tivoli security solutions sg246014
Enterprise security architecture using ibm tivoli security solutions sg246014Enterprise security architecture using ibm tivoli security solutions sg246014
Enterprise security architecture using ibm tivoli security solutions sg246014Banking at Ho Chi Minh city
 
Oracle Enterprise Manager Security: A Practitioners Guide
Oracle Enterprise Manager Security: A Practitioners GuideOracle Enterprise Manager Security: A Practitioners Guide
Oracle Enterprise Manager Security: A Practitioners GuideCourtney Llamas
 
z/OS Communications Server Overview
z/OS Communications Server Overviewz/OS Communications Server Overview
z/OS Communications Server OverviewzOSCommserver
 
PwC Point of View on Cybersecurity Management
PwC Point of View on Cybersecurity ManagementPwC Point of View on Cybersecurity Management
PwC Point of View on Cybersecurity ManagementCA Technologies
 
Security architecture
Security architectureSecurity architecture
Security architectureDuncan Unwin
 

Andere mochten auch (7)

3 Steps to Security Intelligence - How to Build a More Secure Enterprise
3 Steps to Security Intelligence - How to Build a More Secure Enterprise3 Steps to Security Intelligence - How to Build a More Secure Enterprise
3 Steps to Security Intelligence - How to Build a More Secure Enterprise
 
Enterprise security architecture using ibm tivoli security solutions sg246014
Enterprise security architecture using ibm tivoli security solutions sg246014Enterprise security architecture using ibm tivoli security solutions sg246014
Enterprise security architecture using ibm tivoli security solutions sg246014
 
Oracle a TBIZ2011
Oracle a TBIZ2011Oracle a TBIZ2011
Oracle a TBIZ2011
 
Oracle Enterprise Manager Security: A Practitioners Guide
Oracle Enterprise Manager Security: A Practitioners GuideOracle Enterprise Manager Security: A Practitioners Guide
Oracle Enterprise Manager Security: A Practitioners Guide
 
z/OS Communications Server Overview
z/OS Communications Server Overviewz/OS Communications Server Overview
z/OS Communications Server Overview
 
PwC Point of View on Cybersecurity Management
PwC Point of View on Cybersecurity ManagementPwC Point of View on Cybersecurity Management
PwC Point of View on Cybersecurity Management
 
Security architecture
Security architectureSecurity architecture
Security architecture
 

Ähnlich wie The Mainframe's Role in Enterprise Security Management - Jean-Marc Darees

Z111806 strengthen-security-sydney-v1910a
Z111806 strengthen-security-sydney-v1910aZ111806 strengthen-security-sydney-v1910a
Z111806 strengthen-security-sydney-v1910aTony Pearson
 
Strengthen your security posture! Getting started with IBM Z Pervasive Encryp...
Strengthen your security posture! Getting started with IBM Z Pervasive Encryp...Strengthen your security posture! Getting started with IBM Z Pervasive Encryp...
Strengthen your security posture! Getting started with IBM Z Pervasive Encryp...Tony Pearson
 
Z110932 strengthen-security-jburg-v1909c
Z110932 strengthen-security-jburg-v1909cZ110932 strengthen-security-jburg-v1909c
Z110932 strengthen-security-jburg-v1909cTony Pearson
 
What's New in Security for IBM i?
What's New in Security for IBM i?What's New in Security for IBM i?
What's New in Security for IBM i?HelpSystems
 
z/OS V2R3 Communications Server Content Preview
z/OS V2R3 Communications Server Content Previewz/OS V2R3 Communications Server Content Preview
z/OS V2R3 Communications Server Content PreviewzOSCommserver
 
IBM z/OS Communications Server z/OS Encryption Readiness Technology (zERT)
IBM z/OS Communications Server z/OS Encryption Readiness Technology (zERT)IBM z/OS Communications Server z/OS Encryption Readiness Technology (zERT)
IBM z/OS Communications Server z/OS Encryption Readiness Technology (zERT)zOSCommserver
 
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEEBKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEELinaro
 
Confidential compute with hyperledger fabric .v17
Confidential compute with hyperledger fabric .v17Confidential compute with hyperledger fabric .v17
Confidential compute with hyperledger fabric .v17LennartF
 
Představení Oracle SPARC Miniclusteru
Představení Oracle SPARC MiniclusteruPředstavení Oracle SPARC Miniclusteru
Představení Oracle SPARC MiniclusteruMarketingArrowECS_CZ
 
RISC-V growth and successes in technology and industry - embedded world 2021
RISC-V growth and successes in technology and industry - embedded world 2021RISC-V growth and successes in technology and industry - embedded world 2021
RISC-V growth and successes in technology and industry - embedded world 2021RISC-V International
 
Analysis of Security and Compliance using Oracle SPARC T-Series Servers: Emph...
Analysis of Security and Compliance using Oracle SPARC T-Series Servers: Emph...Analysis of Security and Compliance using Oracle SPARC T-Series Servers: Emph...
Analysis of Security and Compliance using Oracle SPARC T-Series Servers: Emph...Ramesh Nagappan
 
Thesis presentation
Thesis presentationThesis presentation
Thesis presentationCHIACHE lee
 
Secure Channels Presentation
Secure Channels PresentationSecure Channels Presentation
Secure Channels PresentationRichard Blech
 
IRJET- Public Key Infrastructure (PKI) Understanding for Vxworks RTOS using A...
IRJET- Public Key Infrastructure (PKI) Understanding for Vxworks RTOS using A...IRJET- Public Key Infrastructure (PKI) Understanding for Vxworks RTOS using A...
IRJET- Public Key Infrastructure (PKI) Understanding for Vxworks RTOS using A...IRJET Journal
 
secure-manager-introduction-v1.pdf
secure-manager-introduction-v1.pdfsecure-manager-introduction-v1.pdf
secure-manager-introduction-v1.pdfssuser64a562
 
CisCon 2018 - Analytics per Storage Area Networks
CisCon 2018 - Analytics per Storage Area NetworksCisCon 2018 - Analytics per Storage Area Networks
CisCon 2018 - Analytics per Storage Area NetworksAreaNetworking.it
 
Secure channels main deck
Secure channels main deckSecure channels main deck
Secure channels main deckRichard Blech
 
HKG18-212 - Trusted Firmware M: Introduction
HKG18-212 - Trusted Firmware M: IntroductionHKG18-212 - Trusted Firmware M: Introduction
HKG18-212 - Trusted Firmware M: IntroductionLinaro
 
Bloombase Spitfire KeyCastle Payment Systems Key Server Specifications
Bloombase Spitfire KeyCastle Payment Systems Key Server SpecificationsBloombase Spitfire KeyCastle Payment Systems Key Server Specifications
Bloombase Spitfire KeyCastle Payment Systems Key Server SpecificationsBloombase
 

Ähnlich wie The Mainframe's Role in Enterprise Security Management - Jean-Marc Darees (20)

Z111806 strengthen-security-sydney-v1910a
Z111806 strengthen-security-sydney-v1910aZ111806 strengthen-security-sydney-v1910a
Z111806 strengthen-security-sydney-v1910a
 
Strengthen your security posture! Getting started with IBM Z Pervasive Encryp...
Strengthen your security posture! Getting started with IBM Z Pervasive Encryp...Strengthen your security posture! Getting started with IBM Z Pervasive Encryp...
Strengthen your security posture! Getting started with IBM Z Pervasive Encryp...
 
Z110932 strengthen-security-jburg-v1909c
Z110932 strengthen-security-jburg-v1909cZ110932 strengthen-security-jburg-v1909c
Z110932 strengthen-security-jburg-v1909c
 
What's New in Security for IBM i?
What's New in Security for IBM i?What's New in Security for IBM i?
What's New in Security for IBM i?
 
z/OS V2R3 Communications Server Content Preview
z/OS V2R3 Communications Server Content Previewz/OS V2R3 Communications Server Content Preview
z/OS V2R3 Communications Server Content Preview
 
IBM z/OS Communications Server z/OS Encryption Readiness Technology (zERT)
IBM z/OS Communications Server z/OS Encryption Readiness Technology (zERT)IBM z/OS Communications Server z/OS Encryption Readiness Technology (zERT)
IBM z/OS Communications Server z/OS Encryption Readiness Technology (zERT)
 
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEEBKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
 
Confidential compute with hyperledger fabric .v17
Confidential compute with hyperledger fabric .v17Confidential compute with hyperledger fabric .v17
Confidential compute with hyperledger fabric .v17
 
Představení Oracle SPARC Miniclusteru
Představení Oracle SPARC MiniclusteruPředstavení Oracle SPARC Miniclusteru
Představení Oracle SPARC Miniclusteru
 
HSM Basic Training
HSM Basic TrainingHSM Basic Training
HSM Basic Training
 
RISC-V growth and successes in technology and industry - embedded world 2021
RISC-V growth and successes in technology and industry - embedded world 2021RISC-V growth and successes in technology and industry - embedded world 2021
RISC-V growth and successes in technology and industry - embedded world 2021
 
Analysis of Security and Compliance using Oracle SPARC T-Series Servers: Emph...
Analysis of Security and Compliance using Oracle SPARC T-Series Servers: Emph...Analysis of Security and Compliance using Oracle SPARC T-Series Servers: Emph...
Analysis of Security and Compliance using Oracle SPARC T-Series Servers: Emph...
 
Thesis presentation
Thesis presentationThesis presentation
Thesis presentation
 
Secure Channels Presentation
Secure Channels PresentationSecure Channels Presentation
Secure Channels Presentation
 
IRJET- Public Key Infrastructure (PKI) Understanding for Vxworks RTOS using A...
IRJET- Public Key Infrastructure (PKI) Understanding for Vxworks RTOS using A...IRJET- Public Key Infrastructure (PKI) Understanding for Vxworks RTOS using A...
IRJET- Public Key Infrastructure (PKI) Understanding for Vxworks RTOS using A...
 
secure-manager-introduction-v1.pdf
secure-manager-introduction-v1.pdfsecure-manager-introduction-v1.pdf
secure-manager-introduction-v1.pdf
 
CisCon 2018 - Analytics per Storage Area Networks
CisCon 2018 - Analytics per Storage Area NetworksCisCon 2018 - Analytics per Storage Area Networks
CisCon 2018 - Analytics per Storage Area Networks
 
Secure channels main deck
Secure channels main deckSecure channels main deck
Secure channels main deck
 
HKG18-212 - Trusted Firmware M: Introduction
HKG18-212 - Trusted Firmware M: IntroductionHKG18-212 - Trusted Firmware M: Introduction
HKG18-212 - Trusted Firmware M: Introduction
 
Bloombase Spitfire KeyCastle Payment Systems Key Server Specifications
Bloombase Spitfire KeyCastle Payment Systems Key Server SpecificationsBloombase Spitfire KeyCastle Payment Systems Key Server Specifications
Bloombase Spitfire KeyCastle Payment Systems Key Server Specifications
 

Mehr von NRB

Le Groupe NRB : Le meilleur partenaire pour votre z/modernisation
Le Groupe NRB : Le meilleur partenaire pour votre z/modernisationLe Groupe NRB : Le meilleur partenaire pour votre z/modernisation
Le Groupe NRB : Le meilleur partenaire pour votre z/modernisationNRB
 
Mainframe Day 2022 -The NRB Group - the best partner of your z-modernization.pdf
Mainframe Day 2022 -The NRB Group - the best partner of your z-modernization.pdfMainframe Day 2022 -The NRB Group - the best partner of your z-modernization.pdf
Mainframe Day 2022 -The NRB Group - the best partner of your z-modernization.pdfNRB
 
The NRB Group mainframe day 2021 - Containerisation on Z - Paul Pilotto - Seb...
The NRB Group mainframe day 2021 - Containerisation on Z - Paul Pilotto - Seb...The NRB Group mainframe day 2021 - Containerisation on Z - Paul Pilotto - Seb...
The NRB Group mainframe day 2021 - Containerisation on Z - Paul Pilotto - Seb...NRB
 
The NRB Group mainframe day 2021 - New Programming Languages on Z - Frank Van...
The NRB Group mainframe day 2021 - New Programming Languages on Z - Frank Van...The NRB Group mainframe day 2021 - New Programming Languages on Z - Frank Van...
The NRB Group mainframe day 2021 - New Programming Languages on Z - Frank Van...NRB
 
The NRB Group mainframe day 2021 - DevOps on Z - Jerome Klimm - Benoit Ebner
The NRB Group mainframe day 2021 - DevOps on Z - Jerome Klimm - Benoit EbnerThe NRB Group mainframe day 2021 - DevOps on Z - Jerome Klimm - Benoit Ebner
The NRB Group mainframe day 2021 - DevOps on Z - Jerome Klimm - Benoit EbnerNRB
 
The NRB Group mainframe day 2021 - Application Modernisation On Z - Sebastien...
The NRB Group mainframe day 2021 - Application Modernisation On Z - Sebastien...The NRB Group mainframe day 2021 - Application Modernisation On Z - Sebastien...
The NRB Group mainframe day 2021 - Application Modernisation On Z - Sebastien...NRB
 
The NRB Group mainframe day 2021 - Security On Z - Guillaume Hoareau
The NRB Group mainframe day 2021 - Security On Z - Guillaume HoareauThe NRB Group mainframe day 2021 - Security On Z - Guillaume Hoareau
The NRB Group mainframe day 2021 - Security On Z - Guillaume HoareauNRB
 
The NRB Group mainframe day 2021 - IBM Z-Strategy & Roadmap - Adam John Sturg...
The NRB Group mainframe day 2021 - IBM Z-Strategy & Roadmap - Adam John Sturg...The NRB Group mainframe day 2021 - IBM Z-Strategy & Roadmap - Adam John Sturg...
The NRB Group mainframe day 2021 - IBM Z-Strategy & Roadmap - Adam John Sturg...NRB
 
The NRB Group mainframe day 2021 - The NRB Group & The Mainframe - Pascal Laf...
The NRB Group mainframe day 2021 - The NRB Group & The Mainframe - Pascal Laf...The NRB Group mainframe day 2021 - The NRB Group & The Mainframe - Pascal Laf...
The NRB Group mainframe day 2021 - The NRB Group & The Mainframe - Pascal Laf...NRB
 
Nrb Mainframe Day - z Data and AI - Michael Boeckx
Nrb Mainframe Day - z Data and AI - Michael BoeckxNrb Mainframe Day - z Data and AI - Michael Boeckx
Nrb Mainframe Day - z Data and AI - Michael BoeckxNRB
 
Nrb Mainframe Day - Nrb Mainframe Strategy - Pascal Laffineur
Nrb Mainframe Day - Nrb Mainframe Strategy - Pascal LaffineurNrb Mainframe Day - Nrb Mainframe Strategy - Pascal Laffineur
Nrb Mainframe Day - Nrb Mainframe Strategy - Pascal LaffineurNRB
 
Nrb Mainframe Day - Ibm z A Key Player In The Hybrid Cloud Journey - Bob Catteew
Nrb Mainframe Day - Ibm z A Key Player In The Hybrid Cloud Journey - Bob CatteewNrb Mainframe Day - Ibm z A Key Player In The Hybrid Cloud Journey - Bob Catteew
Nrb Mainframe Day - Ibm z A Key Player In The Hybrid Cloud Journey - Bob CatteewNRB
 
Nrb Mainframe Day - NRB's Agile Software Factory In support of Application In...
Nrb Mainframe Day - NRB's Agile Software Factory In support of Application In...Nrb Mainframe Day - NRB's Agile Software Factory In support of Application In...
Nrb Mainframe Day - NRB's Agile Software Factory In support of Application In...NRB
 
Nrb Mainframe Day z Data and AI - Leif Pedersen
Nrb Mainframe Day z Data and AI - Leif PedersenNrb Mainframe Day z Data and AI - Leif Pedersen
Nrb Mainframe Day z Data and AI - Leif PedersenNRB
 
Nrb Mainframe Day - z Legacy Innovation - New Architecture And Api Services -...
Nrb Mainframe Day - z Legacy Innovation - New Architecture And Api Services -...Nrb Mainframe Day - z Legacy Innovation - New Architecture And Api Services -...
Nrb Mainframe Day - z Legacy Innovation - New Architecture And Api Services -...NRB
 
NRB Sap Day 03/10/2019 - Presentation The Nrb Group - Daniel Eycken
NRB Sap Day 03/10/2019 - Presentation The Nrb Group - Daniel Eycken NRB Sap Day 03/10/2019 - Presentation The Nrb Group - Daniel Eycken
NRB Sap Day 03/10/2019 - Presentation The Nrb Group - Daniel Eycken NRB
 
NRB Sap Day 03/10/2019 - Wbfin What An Exciting Challenge - Sophie Algoet - C...
NRB Sap Day 03/10/2019 - Wbfin What An Exciting Challenge - Sophie Algoet - C...NRB Sap Day 03/10/2019 - Wbfin What An Exciting Challenge - Sophie Algoet - C...
NRB Sap Day 03/10/2019 - Wbfin What An Exciting Challenge - Sophie Algoet - C...NRB
 
NRB Sap Day 03/10/2019 - UMGC Groningen, The Entire Organisation Aligned - Kr...
NRB Sap Day 03/10/2019 - UMGC Groningen, The Entire Organisation Aligned - Kr...NRB Sap Day 03/10/2019 - UMGC Groningen, The Entire Organisation Aligned - Kr...
NRB Sap Day 03/10/2019 - UMGC Groningen, The Entire Organisation Aligned - Kr...NRB
 
NRB Sap Day 03/10/2019 - The Sap Intelligent Enterprise Strategy In Action - ...
NRB Sap Day 03/10/2019 - The Sap Intelligent Enterprise Strategy In Action - ...NRB Sap Day 03/10/2019 - The Sap Intelligent Enterprise Strategy In Action - ...
NRB Sap Day 03/10/2019 - The Sap Intelligent Enterprise Strategy In Action - ...NRB
 
NRB Sap Day 03/10/2019 - Sap's Commitment Towards Great Delivery For S4 move...
NRB Sap Day 03/10/2019 - Sap's Commitment Towards Great Delivery For S4 move...NRB Sap Day 03/10/2019 - Sap's Commitment Towards Great Delivery For S4 move...
NRB Sap Day 03/10/2019 - Sap's Commitment Towards Great Delivery For S4 move...NRB
 

Mehr von NRB (20)

Le Groupe NRB : Le meilleur partenaire pour votre z/modernisation
Le Groupe NRB : Le meilleur partenaire pour votre z/modernisationLe Groupe NRB : Le meilleur partenaire pour votre z/modernisation
Le Groupe NRB : Le meilleur partenaire pour votre z/modernisation
 
Mainframe Day 2022 -The NRB Group - the best partner of your z-modernization.pdf
Mainframe Day 2022 -The NRB Group - the best partner of your z-modernization.pdfMainframe Day 2022 -The NRB Group - the best partner of your z-modernization.pdf
Mainframe Day 2022 -The NRB Group - the best partner of your z-modernization.pdf
 
The NRB Group mainframe day 2021 - Containerisation on Z - Paul Pilotto - Seb...
The NRB Group mainframe day 2021 - Containerisation on Z - Paul Pilotto - Seb...The NRB Group mainframe day 2021 - Containerisation on Z - Paul Pilotto - Seb...
The NRB Group mainframe day 2021 - Containerisation on Z - Paul Pilotto - Seb...
 
The NRB Group mainframe day 2021 - New Programming Languages on Z - Frank Van...
The NRB Group mainframe day 2021 - New Programming Languages on Z - Frank Van...The NRB Group mainframe day 2021 - New Programming Languages on Z - Frank Van...
The NRB Group mainframe day 2021 - New Programming Languages on Z - Frank Van...
 
The NRB Group mainframe day 2021 - DevOps on Z - Jerome Klimm - Benoit Ebner
The NRB Group mainframe day 2021 - DevOps on Z - Jerome Klimm - Benoit EbnerThe NRB Group mainframe day 2021 - DevOps on Z - Jerome Klimm - Benoit Ebner
The NRB Group mainframe day 2021 - DevOps on Z - Jerome Klimm - Benoit Ebner
 
The NRB Group mainframe day 2021 - Application Modernisation On Z - Sebastien...
The NRB Group mainframe day 2021 - Application Modernisation On Z - Sebastien...The NRB Group mainframe day 2021 - Application Modernisation On Z - Sebastien...
The NRB Group mainframe day 2021 - Application Modernisation On Z - Sebastien...
 
The NRB Group mainframe day 2021 - Security On Z - Guillaume Hoareau
The NRB Group mainframe day 2021 - Security On Z - Guillaume HoareauThe NRB Group mainframe day 2021 - Security On Z - Guillaume Hoareau
The NRB Group mainframe day 2021 - Security On Z - Guillaume Hoareau
 
The NRB Group mainframe day 2021 - IBM Z-Strategy & Roadmap - Adam John Sturg...
The NRB Group mainframe day 2021 - IBM Z-Strategy & Roadmap - Adam John Sturg...The NRB Group mainframe day 2021 - IBM Z-Strategy & Roadmap - Adam John Sturg...
The NRB Group mainframe day 2021 - IBM Z-Strategy & Roadmap - Adam John Sturg...
 
The NRB Group mainframe day 2021 - The NRB Group & The Mainframe - Pascal Laf...
The NRB Group mainframe day 2021 - The NRB Group & The Mainframe - Pascal Laf...The NRB Group mainframe day 2021 - The NRB Group & The Mainframe - Pascal Laf...
The NRB Group mainframe day 2021 - The NRB Group & The Mainframe - Pascal Laf...
 
Nrb Mainframe Day - z Data and AI - Michael Boeckx
Nrb Mainframe Day - z Data and AI - Michael BoeckxNrb Mainframe Day - z Data and AI - Michael Boeckx
Nrb Mainframe Day - z Data and AI - Michael Boeckx
 
Nrb Mainframe Day - Nrb Mainframe Strategy - Pascal Laffineur
Nrb Mainframe Day - Nrb Mainframe Strategy - Pascal LaffineurNrb Mainframe Day - Nrb Mainframe Strategy - Pascal Laffineur
Nrb Mainframe Day - Nrb Mainframe Strategy - Pascal Laffineur
 
Nrb Mainframe Day - Ibm z A Key Player In The Hybrid Cloud Journey - Bob Catteew
Nrb Mainframe Day - Ibm z A Key Player In The Hybrid Cloud Journey - Bob CatteewNrb Mainframe Day - Ibm z A Key Player In The Hybrid Cloud Journey - Bob Catteew
Nrb Mainframe Day - Ibm z A Key Player In The Hybrid Cloud Journey - Bob Catteew
 
Nrb Mainframe Day - NRB's Agile Software Factory In support of Application In...
Nrb Mainframe Day - NRB's Agile Software Factory In support of Application In...Nrb Mainframe Day - NRB's Agile Software Factory In support of Application In...
Nrb Mainframe Day - NRB's Agile Software Factory In support of Application In...
 
Nrb Mainframe Day z Data and AI - Leif Pedersen
Nrb Mainframe Day z Data and AI - Leif PedersenNrb Mainframe Day z Data and AI - Leif Pedersen
Nrb Mainframe Day z Data and AI - Leif Pedersen
 
Nrb Mainframe Day - z Legacy Innovation - New Architecture And Api Services -...
Nrb Mainframe Day - z Legacy Innovation - New Architecture And Api Services -...Nrb Mainframe Day - z Legacy Innovation - New Architecture And Api Services -...
Nrb Mainframe Day - z Legacy Innovation - New Architecture And Api Services -...
 
NRB Sap Day 03/10/2019 - Presentation The Nrb Group - Daniel Eycken
NRB Sap Day 03/10/2019 - Presentation The Nrb Group - Daniel Eycken NRB Sap Day 03/10/2019 - Presentation The Nrb Group - Daniel Eycken
NRB Sap Day 03/10/2019 - Presentation The Nrb Group - Daniel Eycken
 
NRB Sap Day 03/10/2019 - Wbfin What An Exciting Challenge - Sophie Algoet - C...
NRB Sap Day 03/10/2019 - Wbfin What An Exciting Challenge - Sophie Algoet - C...NRB Sap Day 03/10/2019 - Wbfin What An Exciting Challenge - Sophie Algoet - C...
NRB Sap Day 03/10/2019 - Wbfin What An Exciting Challenge - Sophie Algoet - C...
 
NRB Sap Day 03/10/2019 - UMGC Groningen, The Entire Organisation Aligned - Kr...
NRB Sap Day 03/10/2019 - UMGC Groningen, The Entire Organisation Aligned - Kr...NRB Sap Day 03/10/2019 - UMGC Groningen, The Entire Organisation Aligned - Kr...
NRB Sap Day 03/10/2019 - UMGC Groningen, The Entire Organisation Aligned - Kr...
 
NRB Sap Day 03/10/2019 - The Sap Intelligent Enterprise Strategy In Action - ...
NRB Sap Day 03/10/2019 - The Sap Intelligent Enterprise Strategy In Action - ...NRB Sap Day 03/10/2019 - The Sap Intelligent Enterprise Strategy In Action - ...
NRB Sap Day 03/10/2019 - The Sap Intelligent Enterprise Strategy In Action - ...
 
NRB Sap Day 03/10/2019 - Sap's Commitment Towards Great Delivery For S4 move...
NRB Sap Day 03/10/2019 - Sap's Commitment Towards Great Delivery For S4 move...NRB Sap Day 03/10/2019 - Sap's Commitment Towards Great Delivery For S4 move...
NRB Sap Day 03/10/2019 - Sap's Commitment Towards Great Delivery For S4 move...
 

Kürzlich hochgeladen

Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesBoston Institute of Analytics
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024The Digital Insurer
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 

Kürzlich hochgeladen (20)

Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 

The Mainframe's Role in Enterprise Security Management - Jean-Marc Darees

  • 1. © Copyright IBM Corporation 2016. The Mainframe’s Role in Enterprise Security Management Jean Marc Darées IT Architect, Security on IBM z Systems
  • 2. 1© Copyright IBM Corporation 2016 • End to end security • Crypto Monster • Security certification Agenda
  • 3. 2© Copyright IBM Corporation 2016 Security leaders are more accountable than ever before Source: Discussions with more than 13,000 C-suite executives as part of the IBM C-suite Study Series Loss of market share and reputation Legal exposure Audit failure Fines and criminal charges Financial loss Loss of data confidentiality, integrity and/or availability Violation of employee privacy Loss of customer trust Loss of brand reputation CEO CFO/COO CIO CHRO CMO Security a must for the Business
  • 4. 3© Copyright IBM Corporation 2016 Security Projects use z Systems features. Security in the core of the mainframe design
  • 5. 4© Copyright IBM Corporation 2016 © Copyright IBM Corporation 2015 System Z unique: the full portfolio End to End security • IDENTITY & ACCESS • Enable secure collaboration with internal and external users with controlled and secure access to information, applications and assets • DATA SECURITY • Protect and secure your data and information assets • APPLICATION SECURITY • Continuously manage, monitor and audit application security • INFRASTRUCTURE SECURITY • Comprehensive threat and vulnerability management across networks, servers and end-points • SECURITY COMPLIANCE • Demonstrable policy enforcement aligned to regulations, standards, laws, agreements (PCI, FISMA, etc..)
  • 6. 5© Copyright IBM Corporation 2016 RACF Enables application and database security without modifying applications Can reduce security complexity and expense: • Central security process that is easy to apply to new workloads or as user base increases • Tracks activity to address audit and compliance requirements Hardware Architecture z/OS Networks Data & Applications Administration Authentication Authorization Administration Auditing Resource Access Control Facility (RACF) IDENTITY & ACCESS EAL5: https://www.bsi.bund.de/ContentBSI/EN/Topics/Certification/newcertificates.html
  • 7. 6© Copyright IBM Corporation 2016 z/OS PKI Services : Ready to use on zOS IDENTITY & ACCESS
  • 8. 7© Copyright IBM Corporation 2016 Execute what you trust !!! APPLICATION SECURITY Code signing • Code signing for Program Objects in PDSEs • Support in Program Management Binder & Loader • System SSL support for a new mode of operation designed to meet NIST FIPS 140-2 Level 1 criteria • AT-TLS support for FIPS 140-2
  • 9. 8© Copyright IBM Corporation 2016 HW Crypto in z Systems DATA SECURITY/ INFRASTRUCTURE SECURITY/IDENTITY & ACCESS CPC Drawer Smart Cards Crypto Express5S Smart Card Readers PU SCM Each PU is capable of having the CPACF function PCIe I/O drawers Trusted Key Entry (TKE) TKE required for management of Crypto Express5S and EP11 FIPS 140-2 Level 4
  • 10. 9© Copyright IBM Corporation 2016 Secured Connections Security Projects can count on z Systems features. We are expecting more and more from our Mainframe
  • 11. 10© Copyright IBM Corporation 2016 z13 a Crypto monster … RSA-AES-128-GCM-SHA256 TLS 1.2 0,0 5000,0 10000,0 15000,0 20000,0 25000,0 30000,0 Software 1 Acc 2 Acc 3 Acc 4 Acc 5 Acc 6 Acc RSA-2048 SSL HS/s - Crypto Card Scalability Software 1 Acc 2 Acc 3 Acc 4 Acc 5 Acc 6 Acc
  • 12. 11© Copyright IBM Corporation 2016 Database Encryption & Data Tokenization Security Projects can count on z Systems features. DATA SECURITY
  • 13. 12© Copyright IBM Corporation 2016 Encryption on DB2 / IMS : Easy, Efficient , No change • No need to change your application with z/OS Infosphere Guardium Encryption for DB2 & IMS. • Prefect integration with the IDENTITY & ACCESS management RACF • Prefect integration with the zOS Cryptographic function ICSF • Low performance impact thanks to the crypto hardware accelerator CPACF
  • 14. 13© Copyright IBM Corporation 2016 Complete Key Management solution • Dual control for access /Separation of duties • Restrict access to cryptographic keys to the fewest number of custodians necessary. • Store cryptographic keys securely in the fewest possible locations and forms • Secure cryptographic key storage: tamper responsive cryptographic hardware • Cryptographic key changes for keys that have reached the end of their crypto period (key rotation) • Fully document and implement all key- management processes and procedures for cryptographic keys. • Key changes in accordance with recommended crypto periods (ie. NIST SP800-57) • Audit trails for all key management operations EKMF EKMF Browsers EKMF Workstation
  • 15. 14© Copyright IBM Corporation 2016 Tokenization's solution are available on z Irreversible Tokens Irreversible tokens can never be converted back to the original PAN. It is not possible in any circumstance for any party to obtain a PAN from its irreversible token, either through analysis or from any kind of stored data extraction. Authenticatable Irreversible Non Authenticatable Irreversible Reversible Tokens Reversible tokens provide the possibility for entities using or producing tokens to obtain the original PAN from the token. Reversible tokens have the potential to become a PAN again by the process of de-tokenization. Reversible tokens can be mapped to a unique PAN or multiple tokens may map back to the same PAN depending on technology used. If it is technically possible for a token to be de-tokenized, a product is considered to be a reversible tokenization product even if the entity producing the tokens does not intend to permit de- tokenization. Reversible Cryptographic Reversible Non-Cryptographic Tokens Mainframe Technologies Available Performances SHA512 = 3,5GB/s / C Security CEX5S as Co- ProcesMainframe Granularity CPACF, CEX5S APIs z/OS, zLinux, APIM Standards SHA, SHA256, SHA384, SHA512, SHA3
  • 16. 15© Copyright IBM Corporation 2016 z Systems Security Certifications z/OS z/VM Linux Linux Linux Virtualization with partitions Cryptography  z13 Common Criteria evaluation −Common Criteria EAL5+ with specific target of evaluation -- LPAR: Logical partitions  Crypto Express5 Coprocessor −FIPS 140-2 level 4 −Approved by German ZKA −  CP Assist −FIPS 197 (AES) −FIPS 46-3 (TDES) −FIPS 180-3 (Secure Hash) The IBM z13 is designed for Common Criteria Evaluation Assurance Level 5+ certification for security of logical partitions. The Common Criteria program establishes an organizational and technical framework to evaluate the trustworthiness of IT Products and protection profiles z/VM  Common Criteria − z/VM V6.1 is EAL 4+ for OSPP  z/VM V6.3 System SSL FIPS 140-2 certification pending.  System Integrity Statement z/OS  Common Criteria EAL4+ − with CAPP and LSPP − z/OS V1.7  V1.10 + RACF − z/OS V1.11 + RACF (OSPP) − z/OS V1.12, z/OS V1.13, − z/OS V2R1 (OSPP) Sept ‘14  Common Criteria EAL5+ − RACF V1R12 (OSPP) − RACF V1R13 (OSPP) − RACF V2R1 OSPP  z/OS 1.10 IPv6 Certification by JITC  IdenTrust™ certification for z/OS PKI Services  FIPS 140-2 − System SSL z/OS V1.10  V1.13 − z/OS ICSF PKCS#11 Services • z/OS V1.11  z/OS V1.13  Statement of Integrity Linux on z Systems  Common Criteria − SUSE SLES11 SP2 certified at EAL4+ with OSPP − Red Hat EL6.2 EAL4+ with CAPP and LSPP  OpenSSL - FIPS 140-2 Level 1 Validated  CP Assist - SHA-1 validated for FIPS 180-1 - DES & TDES validated for FIPS 46-3
  • 17. 16© Copyright IBM Corporation 2016 • End to end • With Optimum performance • With Latest Security certifications Security on Mainframe :
  • 18. © Copyright IBM Corporation 2016.
  • 19. 18© Copyright IBM Corporation 2016 © Copyright IBM Corporation 2015 Join us in Montpellier at the IBM System z Security Conference and enhance your security skills to achieve your security projects September 27/ 30th Montpellier France 2016