IBM secures e-businesses

Responding to demands from several of its largest customers, IBM Corp. on March 25 unveiled a new version of its zOS mainframe operating system that allows users to create and manage millions of digital certificates, thereby making e-businesses more secure.

By embedding this ability tightly into Release 3 of zOS, users now have more flexibility and control to both issue and revoke their own digital certificates instead of having to rely on those from third parties, company officials said.

As an example of the advantage being able to create certificates from a host-based system offers, an insurance company can manage the entire lifecycle of its digital certificates, including adding revising and removing certificates for its policy holders, agents, and other trusted parties. This helps to ensure greater autonomy and efficiency.

This capability is possible through the PKI (Public Key Infrastructure) support built into Release 3 of zOS, something IBM started working on some time ago.

“The effort to create a public key infrastructure into zOS started several years ago when I was bombarded by users, mostly financial and government agencies, who said if we were to build PKI, we should do it at the zSeries level,” said Linda Distel, program director for IBM’s eServer Security. “So now we are shipping pretty much an out-of-the-box ability to actually request and receive back digital certificates to large amounts of end-users,” she said.

Security vendors pushing PKI technology, such as Entrust Technologies Inc., Baltimore Technologies PLC, and RSA Security Inc., have discovered user apathy and confusion toward implementing PKI as an add-on component and are exploring ways to embed the technology within security architectures from the beginning, according to security analysts.

“IBM has made a big step forward here in putting security in the hands of the end-user,” said Richard Ptak, an Amherst, N.H.-based industry consultant. “Before you had to go through a process [to issue and verify digital certificates]. I think [zOS mainframe] will make PKI easier to control and manageable and immediately pay a return to the user. It certainly overcomes a barrier to use.”

Last January IBM said it would combine its Tivoli Policy Director solution with VeriSign Inc. technology in an effort to bolster Web single sign-on and authorization services for both enterprise application integration and back-end identity infrastructure. By partnering with and ensuring digital certificate behemoth VeriSign runs on its hardware, IBM has positioned itself as a tough opponent in the secure transaction and identity management space, analysts say.

Along with increased control, the advantage of embedding digital certification into a host-based operating system instead of adding it in separately on lower-level applications is performance and scalability.

“In talking to a lot of state and federal government agencies, they [want] to give out digital certificates to citizens to be able to do business online. So the fact that ours can scale up to some very large number means a state or the post office or very large multinational bank can use this to deals with lots of users,” Distel said.

Other security features added to Release 3 include support for AES (Advanced Encryption Standard), a high-level data encryption cryptographic standard that is replacing DES (Data Encryption Standard).

The new version also has support for DUKPT (Derived Unique Key Per Transaction), an encryption technique that is commonly used among point-of-sale terminals.

Release 3 is expected to be widely available by March 29.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Previous article
Next article

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now