developing secure applications for ibm i
play

Developing Secure Applications for IBM i Introductions Design and - PowerPoint PPT Presentation

Oct 17, 2022 •119 likes •1.06k views

Developing Secure Applications for IBM i Introductions Design and Documentation Application Ownership and Authority A Simple Security Model Integrity Considerations Resources for Security Officers Questions & Answers

  1. Developing Secure Applications for IBM i

  2. • Introductions • Design and Documentation • Application Ownership and Authority • A Simple Security Model • Integrity Considerations • Resources for Security Officers • Questions & Answers 2

  3. ROBIN TATAM Director of Security Technologies 952-563-2768 robin.tatam@powertech.com 3

  4. • Premier Provider of Security Solutions & Services – 16 years in the security industry as an established thought leader – Customers in over 70 countries, representing every industry – Security subject matter expert for COMMON • IBM Advanced Business Partner • Member of PCI Security Standards Council • Authorized by NASBA to issue CPE Credits for Security Education • Publisher of the Annual “ State of IBM i Security ” Report 4

  5. • Introductions • Design and Documentation • Application Ownership and Authority • A Simple Security Model • Integrity Considerations • Resources for Security Officers • Questions & Answers 5

  6. An application’s security I’m a programmer ! They know I don’t do design should be an documentation! integral part of the normal analysis and planning process The architecture should be documented for later reference 6

  7. Security design documentation is critical for auditors, system administrators, and the “next” programmer Include information on: – Overview of the security architecture – What profiles need to exist (ownership and runtime) – Which files contain sensitive data (audited or encrypted?) – What authorization lists are used – How data is accessed (application programs, Query, FTP etc.) – How users gain access (public authority, private authority, adopted authority) – Any special object runtime attributes (adoption etc.) 7

  8. Poor Planning leads to Failed Execution (and potentially unsecure applications) 8

  9. 9

  10. 10

  11. 11

  12. 12

  13. • Introductions • Design and Documentation • Application Ownership and Authority • A Simple Security Model • Integrity Considerations • Resources for Security Officers • Questions & Answers 13

  14. Under IBM i , every object is “owned” by a profile that is initially granted *ALL access to the object Object ownership is assigned when the object is first created, and can be changed using the CHGOBJOWN and CHGOWN commands Initial ownership is claimed by the user that creates it, or the group that they belong to (depends on their profile settings) 14

  15. The owner is automatically granted *ALL access 15

  16. Consider creating a profile specifically to “own” the related application objects – Provides consistency – Helps simplify save/restore operations I recommend NOT using IBM- supplied profiles, or allowing programmers to remain the owners 16

  17. The “owning” profile does not need any special authority (unless the application performs system tasks using authority adoption) CRTUSRPRF USRPRF(PAYOWN) PASSWORD(*NONE) SPCAUT(*NONE) INLPGM(*NONE) INLMNU(*SIGNOFF) LMTCPB(*YES) An application build process or lifecycle manager (aka change control) can ensure correct object ownership and authority settings 17

  18. It is possible to change the owners authority so that they cannot access an object that they own! However, ownership provides certain privileges, such as the ability to set authorities for other users - including themselves! 18

  19. 19

  20. The application design should accommodate objects that are created by the users during run time Typically, the application should: – Create the new object (CRTxxx) – Set object ownership (CHGOBJOWN) – Establish the desired authorities (GRTOBJAUT) 20

  21. IBM i contains a unique concept called Public Authority which is the default permission granted to a user who has not been granted any explicit authority (including *EXCLUDE) Public authority is determined by: – For native objects: public authority is assigned starting from the CRTxxx command – For IFS objects: public authority is inherited from the parent directory 21

  22. For native objects, IBM resolves the public authority setting from the command to the library description to the QCRTAUT system value CRTxxx DSPLIBD DSPSYSVAL AUT(*LIBCRTAUT) CRTAUT(*SYSV AL) QCRTAUT Once the *PUBLIC authority is resolved, it’s permanent — there is no dynamic link 22

  23. There is nothing technically wrong with the concept of default public authority DSPSYSVAL QCRTAUT Problems begin when the QCRTAUT system value remains at its shipped value: *CHANGE (that’s sufficient to read, change, and delete data!) 23

  24. I recommend controlling the public authority default for each individual library CRTxxx DSPLIBD DSPSYSVAL AUT(*LIBCRTAUT) CRTAUT(*EXCLUDE) QCRTAUT This permits granular control; especially when the server contains multiple applications with varying authority requirements 24

  25. Every object has a default authority (*PUBLIC) 25

  26. A user must have the required level of authority to access an object based on the requested action Authority is determined in the following (basic) sequence: 1. Individual User 2. Group Profile (consolidated if multiple groups) 3. *PUBLIC 26

  27. IBM i provides 4 authority templates … 27

  28. … to quickly assign more complex authorities 28

  29. These are the OBJECT authorities 29

  30. Although endless combinations are possible, it does not have to be as complex as it might seem – *EXCLUDE Object cannot be accessed – *USE Minimum authority necessary to “use” the object (read it / run it / look at it) – *CHANGE Adds the ability to modify the object’s contents – *ALL Can do everything, including deleting the object itself. Do NOT grant lightly Deploy using the IBM i templates whenever possible 30

  31. 31

  32. And these are the DATA authorities 32

  33. 33

  34. IBM i performs TWO evaluations before permitting access to an object NO Sufficient Access to the LIBRARY YES Sufficient NO Access to the OBJECT YES 34

  35. Establishing an application environment that’s compliant with object-level security is remarkably quickly and easily! • Place programs in a library and grant *USE access to authorized users • Place files and data areas in a data library and grant *USE or *CHANGE access to authorized users If you use adopted or swap authority, you can even set public authority to *EXCLUDE (more on this later) 35

  36. If you over-secure an object, or fail to elevate authority at run-time, the user will receive an authority failure An “AF” entry will be logged to QAUDJRN audit journal (you’ve activated IBM i auditing right?) 36

  37. Do NOT respond by granting the user *ALLOBJ special authority as this is a system-wide override!! *ALLOBJ Determine why the failure occurred and correct it 37

  38. Private authority is “ named ” access, and granted to an individual user or group profile (Public authority represents “ anonymous ” access) *ALLOBJ Private authority can be more restrictive but is typically less restrictive than public authority Common terms: Deny-by-default & Least privilege 38

  39. Private authorities are for specific users or groups and are optional 39

  40. 40

  41. Group profiles are a mechanism for role-based access control (RBAC) Associate users with similar security requirements with a group and grant application authority to the group A user can belong to 1 primary group and up to 15 supplemental groups (don’t go “group crazy”!) Users inherit private and special authorities from ALL of their groups (private authorities are additive) 41

  42. Group profiles are for organization and authority inheritance and should never be used to sign on (even for development purposes) Group profiles are created like any other user, except we recommend: – PASSWORD(*NONE) – INLPGM(*NONE) – INLMNU(*SIGNOFF) – LMTCPB(*YES) 42

  43. A group profile is like any other user profile until it’s designated as a group profile for another user 43

  44. 44

  45. Authorization lists are an organizational mechanism for securing objects with similar security requirements – All objects secured by an authorization list obtain private authorities (and, optionally, public authorities) from the list – You can still grant specific authorities to objects to augment (override) the authorities on the authorization list CRTAUTL AUTL(myautl) AUT(*EXCLUDE) ADDAUTLE or EDTAUTL to maintain the list entries 24x7 shop? Changing authorities on an authorization list does NOT require a lock on the object 45

  46. Authorization lists are not required; especially for simple authorization schemes. For example, if using adoption or a profile swap, then everything can simply be set to *EXCLUDE Authorization lists may help future-proof your application security and also permit access from outside the application (e.g. for file downloading) 46

  47. This object is secured by the PAYROLL authorization list 47

  48. These authorities take precedence over those on the authorization list 48

  49. You must manually set *PUBLIC to *AUTL to defer to the authorization list 49

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

and Web Applications 06 Secure Coding Alexandros Labrinidis University of Pittsburgh Secure

and Web Applications 06 Secure Coding Alexandros Labrinidis University of Pittsburgh Secure

CS 1655 / Spring 2010 Secure Data Management and Web Applications 06 Secure Coding Alexandros Labrinidis University of Pittsburgh Secure Coding From: Secure Coding: Principles and Practices by Mark G. Graff & Kenneth R. Van Wyk

753 views • 17 slides
Secure Client Applications HTTPS Secure Email Networking Sirindhorn International Institute of

Secure Client Applications HTTPS Secure Email Networking Sirindhorn International Institute of

Networking Secure apps Aims Crypto Basics Secure Client Applications HTTPS Secure Email Networking Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 26 June 2014

389 views • 26 slides
LinuxCon Tokyo, Japan 2016 Secure IoT Gateway Jim Gallagher Senior Technical Marketing Lead,

LinuxCon Tokyo, Japan 2016 Secure IoT Gateway Jim Gallagher Senior Technical Marketing Lead,

LinuxCon Tokyo, Japan 2016 Secure IoT Gateway Jim Gallagher Senior Technical Marketing Lead, MontaVista Software Setting the Stage This presentation will Applications focus on developing Secure Gateways (Edge Computing &

520 views • 23 slides
Applets and Applications Developing Applets and Applications Application run by user,

Applets and Applications Developing Applets and Applications Application run by user,

Applets and Applications Developing Applets and Applications Application run by user, double-clickable/command-line Create a JPanel with the guts of the GUI/logic No restrictions on access, reads files, URLS, What will be in the

256 views • 6 slides
Center for Secure and Resilient Maritime Commerce Developing a Resiliency Framework for Regional

Center for Secure and Resilient Maritime Commerce Developing a Resiliency Framework for Regional

Center for Secure and Resilient Maritime Commerce Developing a Resiliency Framework for Regional Freight Platforms T. Wakeman, H. Gajjar, J. Ramirez-Marquez, and H. Salloum Stevens Institute of Technology Center for Secure and Resilient

895 views • 48 slides
Practical Secure Two-Party Computation and Applications Lecture 3: Tools and Applications

Practical Secure Two-Party Computation and Applications Lecture 3: Tools and Applications

Practical Secure Two-Party Computation and Applications Lecture 3: Tools and Applications Estonian Winter School in Computer Science 2016 Overview of this lecture Part 2: ABY Part 3: GSHADE Special Purpose Protocols Generic Protocols

819 views • 52 slides
Motivation for IDS Developing absolutely secure systems is Intrusion Detection (IDS) not

Motivation for IDS Developing absolutely secure systems is Intrusion Detection (IDS) not

Motivation for IDS Developing absolutely secure systems is Intrusion Detection (IDS) not possible Most existing systems have security flaws Abuses by privileged insiders are possible Simone Fischer-Hbner Not all kinds of

414 views • 4 slides
Introduction To Java Questions to be addressed Why would I use Java for developing my

Introduction To Java Questions to be addressed Why would I use Java for developing my

Introduction To Java Questions to be addressed Why would I use Java for developing my applications? How do I get started on developing Java applications? What applications do I need to start developing? Why Java? Platform

476 views • 14 slides
Practical Secure Two-Party Computation and Applications Lecture 4: Hardware-Assisted

Practical Secure Two-Party Computation and Applications Lecture 4: Hardware-Assisted

Practical Secure Two-Party Computation and Applications Lecture 4: Hardware-Assisted Cryptographic Protocols Estonian Winter School in Computer Science 2016 Motivation 2 Two Areas Cryptographic Protocols Secure Hardware strong security

759 views • 52 slides
Secure by Default Web Applications With Apache Sling Robert Munteanu, Adobe Systems ApacheCon

Secure by Default Web Applications With Apache Sling Robert Munteanu, Adobe Systems ApacheCon

Secure by Default Web Applications With Apache Sling Secure by Default Web Applications With Apache Sling Robert Munteanu, Adobe Systems ApacheCon Core 2016 http://robert.muntea.nu @rombert Who I am $DAYJOB Open Source Adobe

610 views • 40 slides
Back To The Future Of f Soft ftware Security Developing Secure Smart Contracts Final -

Back To The Future Of f Soft ftware Security Developing Secure Smart Contracts Final -

Back To The Future Of f Soft ftware Security Developing Secure Smart Contracts Final - OWASP Toronto January 23, 2019 Whoami Jamie Baxter, M. Eng., OSCP, OSCE, CISSP, GPEN Independent Information Security Consultant focusing on

764 views • 52 slides
How Secure are Secure How Secure are Secure Interdomain Routing Protocols? Interdomain Routing

How Secure are Secure How Secure are Secure Interdomain Routing Protocols? Interdomain Routing

DIMACS Workshop On Secure Routing March 10, 2010 How Secure are Secure How Secure are Secure Interdomain Routing Protocols? Interdomain Routing Protocols? $ $ Sharon Goldberg Microsoft Research & Boston University y Michael Schapira

701 views • 54 slides
Secure Scuttlebutt: An Identity-Centric Protocol for Subjective and Decentralized Applications

Secure Scuttlebutt: An Identity-Centric Protocol for Subjective and Decentralized Applications

Secure Scuttlebutt: An Identity-Centric Protocol for Subjective and Decentralized Applications Dominic Tarr (SSB, New Zealand) Erick Lavoie (McGill University, Montreal) Aljoscha Meyer (TU Berlin, Germany) Christian Tschudin (U of

501 views • 18 slides
New Primitives for Actively-Secure MPC over Rings with Applications to Private Machine Learning a

New Primitives for Actively-Secure MPC over Rings with Applications to Private Machine Learning a

New Primitives for Actively-Secure MPC over Rings with Applications to Private Machine Learning a ard 1 Daniel Escudero 1 Tore Frederiksen 2 Marcel Keller 3 Peter Scholl 1 Ivan Damg Nikolaj Volgushev 2 May 19, 2019 1 Aarhus University, Denmark 2

711 views • 32 slides
A secure infrastructure for mobile blended learning applications M. Politze, S. Schaffert, B.

A secure infrastructure for mobile blended learning applications M. Politze, S. Schaffert, B.

A secure infrastructure for mobile blended learning applications M. Politze, S. Schaffert, B. Decker IT Center RWTH Aachen University Overview Motivation & Goals Current State Case Studies Lessons Learned Future Work 2

623 views • 20 slides
Applications of formal verification for secure Cloud environments at CEA LIST Nikolai Kosmatov

Applications of formal verification for secure Cloud environments at CEA LIST Nikolai Kosmatov

Applications of formal verification for secure Cloud environments at CEA LIST Nikolai Kosmatov joint work with A.Blanchard, F.Bobot, M.Lemerre,. . . SEC2, Lille, June 30 th , 2015 N. Kosmatov (CEA LIST) Formal Verification for secure Cloud

597 views • 37 slides
H3C S3600 Series Switches Agenda Market Trends S3600 Overview S3600 Key Features V1. V1.5 New

H3C S3600 Series Switches Agenda Market Trends S3600 Overview S3600 Key Features V1. V1.5 New

H3C S3600 Series Switches Agenda Market Trends S3600 Overview S3600 Key Features V1. V1.5 New New Feat Feature IRF IRF RPS10 S1000 00-A Featu ature S re Summar mary End-to-End Intelligent Solution Summary www.h3c.com.cn 2

502 views • 48 slides
Botnets Leonidas Stylianou CS 682 23/04/2020 Lifecycle of a bot Infected host Botnet malware

Botnets Leonidas Stylianou CS 682 23/04/2020 Lifecycle of a bot Infected host Botnet malware

Botnets Leonidas Stylianou CS 682 23/04/2020 Lifecycle of a bot Infected host Botnet malware Botmaster controls becomes a bot and infects a host. the botnet. joins the botnet . Coordination of f bots with C&C server Bots query the

1k views • 58 slides
SIP Operation in the Public Internet An Update on What Makes Running SIP a Challenge and What it

SIP Operation in the Public Internet An Update on What Makes Running SIP a Challenge and What it

SIP Operation in the Public Internet An Update on What Makes Running SIP a Challenge and What it Takes To Deal With It Jiri Kuthan, iptel.org sip:jiri@iptel.org Outline Status update: where iptel.orgs operational experience comes from

579 views • 25 slides
Faint Object Spectrograph Flat Fielding Charles D. (Tony) Keyes 1 I. Introduction The FOS flat

Faint Object Spectrograph Flat Fielding Charles D. (Tony) Keyes 1 I. Introduction The FOS flat

Faint Object Spectrograph Flat Fielding Charles D. (Tony) Keyes 1 I. Introduction The FOS flat field calibration continues to follow the philosophy outlined in the SV- epoch report (Anderson, 1992). The calibration is intended to account for

229 views • 6 slides
Wha hat t are the e the cha hanges? nges? Presented by: Dineo Mphahlele Executive Manager:

Wha hat t are the e the cha hanges? nges? Presented by: Dineo Mphahlele Executive Manager:

FIC Amendment Act Wha hat t are the e the cha hanges? nges? Presented by: Dineo Mphahlele Executive Manager: Inspectorate FIC Amendment Act 1. Introduction 2. Risk-based approach 3. Risk Management and Compliance Programme(RMCP) 4. 7

608 views • 36 slides
SECURITY POLICY Confidential Focal3 Softw are Pvt Ltd F3 _ Doc_ 0 0 6 VER4 .0 Page 2 of 2

SECURITY POLICY Confidential Focal3 Softw are Pvt Ltd F3 _ Doc_ 0 0 6 VER4 .0 Page 2 of 2

F3 _ Doc_ 0 0 6 VER4 .0 Page 1 of 1 SECURITY POLICY Confidential Focal3 Softw are Pvt Ltd F3 _ Doc_ 0 0 6 VER4 .0 Page 2 of 2 Background Focal3 and its Customers provide Focal3 Agents with Confidential and Proprietary information

279 views • 13 slides
IT AUDIT AND SECURITY COMPLIANCE: WHERE TO FOCUS YOUR EFFORTS FOR 2014-15 IT Audit and Security

IT AUDIT AND SECURITY COMPLIANCE: WHERE TO FOCUS YOUR EFFORTS FOR 2014-15 IT Audit and Security

O'Connor & Drew, P.C. www.ocd.com @ocdcpa 1 IT AUDIT AND SECURITY COMPLIANCE: WHERE TO FOCUS YOUR EFFORTS FOR 2014-15 IT Audit and Security OConnor & Drew, P.C. www.ocd.com @ocdcpa Jake McAleer @johnjakem March 2014

848 views • 65 slides
WATCOM SOLUTIONS MEGA MALL www.watcom.ru AGENDA 1 5 ABOUT COMPANY SHOPPING INDEX 6 2

WATCOM SOLUTIONS MEGA MALL www.watcom.ru AGENDA 1 5 ABOUT COMPANY SHOPPING INDEX 6 2

WATCOM SOLUTIONS MEGA MALL www.watcom.ru AGENDA 1 5 ABOUT COMPANY SHOPPING INDEX 6 2 PEOPLE COUNTING SYSTEM FOCUS SYSTEM 7 3 PROJECT IMPLEMENTATION SHOPSTER 8 TRENDS AND ROADMAP 4 SALES FLOW SYSTEM www.watcom.ru ABOUT WATCOM 6

1.18k views • 72 slides

More recommend