Transforming the Database: Critical Innovations for Performance at Scale
SecureZIP @ HSBC
1. HTS/SDC
Secure
Data
Compression
PKZIP v5.6 for zSeries
01/18/2005 1
Dennis DeLockery
HSBC Technology Services
2. HTS Data Challenges 2005
PCI Data Security Compliance
– Strong Encryption Requirements
– Digital Signature Support
Data Encryption & Compression
– Minimize Data Bandwidth Costs
– Reduce DASD Storage
– Maximize DR Efficiencies
Effective Enterprise Methodology
Efficient Deployment
2
3. SecureZIP - Features & Benefits
Data Compression up to 95%
Universal Platform Support
AES 256-bit Strong Encryption
File Directory Support for Disk and Tape
Self Extracting ZIP for PC & Unix Users
Unlimited File Size Support
Backup and DR File Retention
Resolves EBCDIC/ASCII Translations
3
4. SecureZIP Data Comparison:
Common to Both Files:
A – Identical Data Content
– 100,000 Settlement Records
File A is Encrypted &
Compressed:
– 5 Megabytes in Size
– 15 Minutes to FTP (56kb)
– Is AES256 Encrypted
– Is Digitally Signed
B
File B is NOT Compressed:
– Is 55 Megabytes in Size
– 138 Minutes to FTP (56kb)
– 69 Minutes to FTP (128kb)
4
5. SecureZIP AES 256bit Security
Advanced 256bit Data Encryption
RSA’s BSAFE Technology & Algorithms
Digital Signature Support
3 Key Encryption Capability
Efficient One Step Compression/Security
5
6. SecureZIP Platform Independence
Windows 98, 2000, XP, NT4
Unix IBM AIX, SPARC, Solaris, HP-UX
iSeries (OS/400)
zSeries (OS-390/z/OS)
GZIP Support for Native Unix
Desktop (PC) Licensing FREE
6
7. Retail Service Needs
Settlement Files
– 12,000+ Datasets with 85% Redundancy
– 60 Megabyte Files = 2 Hour FTP
– Volatile Holiday Volumes (3X)
MBS/CMS Data Files, Backups, & DR
– Merchant/Consumer/Control Files
– Reports & Recap Data
– POS Merchant Downloads (Picklists)
– Conversion Files for New Business Launches
7
8. Retail Service Transmission Issues:
90%+ Data Redundancy without Compression
Transmission Times Exceeding 2 Hours
SLA Deadlines Jeopardized by Delays
Multiple Platform Points of Failure
Increasing Data Security Requirements
8
9. Retail Service Data Transfer du Jour
Multiple Platform Transports
– FTP 56kb Private Frame Relays
– FTP Connect Enterprise (PKZIP-INTERNET)
– FTP Mailbox
– NDM
Large Data File Categories
– Merchant Settlements for Funding
– Specific Merchant Data Requirements
– Custom Reporting
– Conversion/Launches
9
10. Potential Storage Reductions
4.5
4
3.5
Gigabytes
3
2.5
Unzipped
2 Zipped
1.5
1
0.5
0
Settlements MBS HMRX BK Total ZIP
Selected Examples
10
12. SDC “PKZIP” Settlement Model
Merchant CPU “X” Platform
– Data File is Compressed Using GZIP or PKZIP.
– Merchant FTPs Directly to HTS Mainframe FTP Server
– Security via UserID, Password, ZIP Password, Encryption
HTS Mainframe CPU
– INBOUND
MVS Dataset Automation Triggers Batch Processing using PKUNZIP
ZIP Files Retained as Backups Reducing DASD Needs by 90%
– OUTBOUND
Merchant Data and Recap Files Stored in Secure ZIP Repositories
Merchants Retrieve Secure ZIP Files via Mainframe FTP Sessions.
12
13. SDC vs. Connect Enterprise
Connect Enterprise Model
Connect
ZIP FTP ZIP PKZIP DATA Direct NDM NDM DATA
Platform X Unix OS390 Mainframe
SDC “PKZIP” FTP Model • 1 vs 2 Transmissons
• 2 vs 3 Platforms
ZIP FTP ZIP PKZIP DATA • 2 vs 4 Software Points of Failure
Platform X OS390 Mainframe • Only SDC Provides Storage Savings
13
14. Single FTP Transmission Path
Mainframe
Merchants HTS zSeries
Unix Based Frame Relays
Merchants HTS
Desktop System Merchant INTRANET
INTRANETS
INTERNET
INTERNET IBM RS/6000
PKZIP
Merchants 3rd Party
Consumers IBM RS/6000
(PayPoint)
INTRANETS
Third Party Desktop System
Processors Desktop System
HTS Firewall HTS Connect
Enterprise Server
14
15. Major Benefits
Open Independent Platform Strategy
Industry Leading Security Features
Minimize Storage Media Needs
Optimize Data Transmission Services
Maximize Return on Investments ($$$)
15