
Presentation on the topic: «AS400 Security». Author: Wayne O. Evans. File: «AS400 Security.ppt». Size of the zip archive: 367 KB.

AS400 Security

Contents of the presentation «AS400 Security.ppt»
Slide / Text
1 AS/400 Security

All you want to know about:

Exit Programs

Jim Stracka, PentaSafe

2 Outline

• Exit Program Overview
    Why do I need exit programs?
    What is the purpose of exit programs?
    If exit programs don't exit, why are they called exit programs?
• Sample exit program
    Limit file transfer and commands
• Design Alternatives

3 Security Has Changed

(figure: the 1980s environment contrasted with today's)

1980s

Today

4 Other Access Data

• DDM (Distributed Data Management): File Transfer, Remote Commands
• FTP: File Transfer, Remote Commands
• Shared Folders

• FTP: File Transfer, Remote Commands
• Telnet
• IFS (Integrated File System)

5 PC Access Data

• Work Station
• Printer Support
• Shared Folders & Documents
• Remote Commands
• Menu Security
• File Transfer
• API - Data Queue
• API - ODBC
• IFS (Integrated File System)

6 Why Exit Programs

Can object security be used to protect data?

YES, AS/400 security can lock up data.

HOWEVER, the way an application's security is designed often makes that protection ineffective.

7 Why Exit Programs

What security designs make object security ineffective?

Need to provide additional protection

8 Why Exit Programs

Need to provide additional protection

• EXIT PROGRAMS provide additional protection for application data

Users are authorized to data because of existing applications. The need exists to prevent the user from using that access outside of the applications.

9 What are Exit Programs

The purpose of exit programs is not to exit

10 Request Processing

Programs are called exit programs because the system (OS/400) exits to a user program in the middle of a request

11 Request Processing

(diagram) request -> AS/400 Server -> PARAMETERS -> User Exit Program -> return code -> AS/400 Server

Server rejects or performs the request based on the exit program return code

12 Specifying Exit Programs

How are exit programs specified? There are two methods to name the exit programs:

Network Attributes
  • Limited number of request types
      - Distributed Data Management
      - PC support (Client Access)
  • One exit program per network attribute

Registration Facility
  • Multiple request types
      - Distributed data
      - Client Access
      - Integrated File System
      - Internet (FTP, Telnet)
      - Security
      - ...
  • Multiple exits specific to function

13 Specifying Exit Programs

Network Attributes

CHGNETA DDMACC(lib/pgm) PCSACC(lib/pgm)

PCSACC
  *OBJAUT  - Request access determined by object authority
  *REJECT  - Prevent all requests
  *REGFAC  - Use registration facility
  Lib/Pgm  - Qualified name of exit program

DDMACC
  *OBJAUT  - Request access determined by object authority
  *REJECT  - Prevent all requests
  Lib/Pgm  - Qualified name of exit program

Must have *ALLOBJ special authority to change the network attributes

14 Specifying Exit Programs

Registration Facility

WRKREGINF

                        Work with Registration Information
Type options, press Enter.
  5=Display exit point   8=Work with exit programs

                            Exit
Opt  Exit Point             Point Format  Registered  Text
_    QIBM_QHQ_DTAQ          DTAQ0100      *YES        Original Data Queue Server
_    QIBM_QJO_DLT_JRNRCV    DRCV0100      *YES        Delete Journal Receiver
_    QIBM_QLZP_LICENSE      LICM0100      *YES        Original License Mgmt Server
_    QIBM_QMF_MESSAGE       MESS0100      *YES        Original Message Server
_    QIBM_QNPS_ENTRY        ENTR0100      *YES        Network Print Server - entry
_    QIBM_QNPS_SPLF         SPLF0100      *YES        Network Print Server - spool
_    QIBM_QOE_OV_USR_ADM    UADM0100      *YES        OfficeVision/400 Administrati
_    QIBM_QOE_OV_USR_SND    DOCI0900      *YES        OfficeVision/400 Mail Send Ex
_    QIBM_QOK_NOTIFY        VRFY0100      *YES        System Directory Notify Exit
_    QIBM_QOK_SUPPLIER      SUPL0100      *YES        System Directory Supplier Exi
_    QIBM_QOK_VERIFY        VRFY0100      *YES        System Directory Verify Exit
                                                                        More...
Command
===>
F3=Exit   F4=Prompt   F9=Retrieve   F12=Cancel

15 Specifying Exit Programs

Registration Facility

                             Work with Exit Programs
Exit point:  QIBM_QLZP_LICENSE      Format:  LICM0100

Type options, press Enter
  1=Add   4=Remove   5=Display   10=Replace

     Exit
     Program      Exit
Opt  Number       Program      Library
1    ___________  PROG1        MYLIB
(No exit programs found.)
                                                                        Bottom
Command
===>
F3=Exit   F4=Prompt   F5=Refresh   F9=Retrieve   F12=Cancel

Option 1 (Add) with program PROG1 in library MYLIB: when a request arrives, PROG1 will be called

16 Exit Points

What exit points are used for a specific request?

What are the parameters passed to an exit?

17 Outline

• Exit Program Overview
    Why do I need exit programs?
    What is the purpose of exit programs?
    If exit programs don't exit, why are they called exit programs?
• Sample exit program
    Limit file transfer and commands
• Design Alternatives

18 Exit Programs

CALL EXIT (RTNCDE STRUCTURE)

References:
  AS/400 Distributed Data Management, SC41-5307
  Client Access Server Concepts, SC41-5740

19 Operation code by Function

Application   Function              Operations
*LMSRV        license management     REQUEST  RELEASE
*VPRT         virtual print          EXTRACT  CHECK  OPEN
*TFRFCL       file transfer          SELECT  JOIN  REPLACE  EXTRACT

File transfer operations:
  EXTRACT   AS/400 -> PC   retrieve information
  SELECT    AS/400 -> PC   download file
  JOIN      AS/400 -> PC   download joined file
  REPLACE   PC -> AS/400   upload file

20 Operation code by Function

Application   Function                      Operations
*FLRSRV       shared folders type 2         CHANGE  CREATE  DELETE  EXTRACT  MOVE  OPEN  RENAME
*MSGFCL       messages                      SEND  RECEIVE
*DDM          distributed data management   ADDMBR  CHANGE  CHGMBR  CLEAR  COMMAND  COPY  CREATE
                                            DELETE  EXTRACT  INITIALIZE  LOAD  LOCK  MOVE  OPEN
                                            RENAME  RGZMBR  RMVMBR  RNMMBR  UNLOAD

21 Prevent Remote Commands

    PGM        PARM(&RTNCODE &DATA)
    DCL        &DATA    *CHAR 30
    DCL        &RTNCODE *CHAR 1
    DCL        &FUNC    *CHAR 10
    /* The requested function is at positions 21-30 of the request data */
    CHGVAR     &FUNC (%SST(&DATA 21 10))
    /* Return code '0' rejects the request, '1' allows it */
    IF         (&FUNC = 'COMMAND ') +
                 THEN(CHGVAR &RTNCODE '0')
    ELSE       CHGVAR &RTNCODE '1'
    ENDPGM

22 Exit Program Example

Prevent Remote Commands and File Upload

1 of 2

    /****************************************************/
    /* Installation instructions                        */
    /* 1. Compile program                               */
    /*    CRTCLPGM PGM(LIB/EXIT1)                       */
    /*             SRCFILE( ) USRPRF(*OWNER)            */
    /* 2. Change owner of the program to user QSECOFR.  */
    /*    Adopted authority allows the program to send  */
    /*    to the audit journal                          */
    /*    CHGOBJOWN OBJ(LIB/EXIT1)                      */
    /*              OBJTYPE(*PGM) NEWOWN(QSECOFR)       */
    /* 3. Name the exit program in network attributes   */
    /*    CHGNETA DDMACC(LIB/EXIT1)                     */
    /*            PCSACC(LIB/EXIT1)                     */
    /*                                                  */
    /* The audit journal QAUDJRN entries created are:   */
    /*   'X1' = Requests that are allowed               */
    /*   'X0' = Requests that are rejected              */
    /****************************************************/
    PGM        PARM(&RC &STRU)
    DCL        &RC   *CHAR 1    /* Return 1=allow 0=prevent */
    DCL        &STRU *CHAR 200  /* Request description      */
    DCL        &USER *CHAR 10   /* User profile name        */
    DCL        &APP1 *CHAR 10   /* Requested function       */
    DCL        &APP2 *CHAR 10   /* Sub function             */
    DCL        &TYPE *CHAR 2    /* Journal entry type       */

23 Exit Program Example

Prevent Remote Commands and File Upload

2 of 2

Good Way to Monitor Use

    MONMSG     MSGID(CPF0000) EXEC(GOTO EXIT)  /* If error, exit   */
    CHGVAR     &RC '1'                         /* Allow request    */
    CHGVAR     &USER %SST(&STRU 1 10)          /* Get user         */
    CHGVAR     &APP1 %SST(&STRU 11 10)         /* Get application  */
    CHGVAR     &APP2 %SST(&STRU 21 10)         /* Get function     */
    /* Do not log IBM request to check license */
    IF         (&APP1 = '*LMSRV') GOTO EXIT
    /* Exempt user (placeholder name): log the request but never reject it */
    IF         (&USER = 'XXXXXXXXX') GOTO LOG
    /* Prevent use of remote commands */
    IF         (&APP1 = '*DDM' *AND &APP2 = 'COMMAND') +
                 CHGVAR &RC '0'                /* Prevent the request */
    ELSE       DO
      /* Prevent file upload from PC users (application name */
      /* *TFRFCL as listed on slide 19); file download to PC */
      /* is not prevented                                    */
      IF       (&APP1 = '*TFRFCL' *AND &APP2 = 'REPLACE') +
                 CHGVAR &RC '0'                /* Prevent the request */
    ENDDO
    /* Log request in the audit journal */
    LOG:       CHGVAR &TYPE ('X' *CAT &RC)
               SNDJRNE JRN(QAUDJRN) TYPE(&TYPE) ENTDTA(&STRU)
    EXIT:      ENDPGM

24 Exit Program Usage

The exit point used depends upon the client operating system

25 Exit Program Usage

Two programs are required because the parameters are different:

  Original File Transfer            ->  EXIT1
  Windows 95 and NT File Transfer   ->  EXIT2  (difficult to determine if the request was an upload or a download)

26 Installation Instructions

Adopt the owner's authority to allow the programs to send to the audit journal

1. Compile programs

     CRTCLPGM PGM(XXX/EXIT1) SRCFILE(XXX/QCLSRC) +
                USRPRF(*OWNER)
     CRTCLPGM PGM(XXX/EXIT2) SRCFILE(XXX/QCLSRC) +
                USRPRF(*OWNER)

2. Change owner

     CHGOBJOWN OBJ(XXX/EXIT1) OBJTYPE(*PGM) +
                 NEWOWN(QSECOFR)
     CHGOBJOWN OBJ(XXX/EXIT2) OBJTYPE(*PGM) +
                 NEWOWN(QSECOFR)

27 EXIT1 - File Transfer Exit

3 of 3

Good Way to Monitor Use

    /*******************************************/
    /* Prevent file upload from PC users       */
    /*   except in the UP_LIB library          */
    /* Prevent download to PC                  */
    /*   except in the DOWN_LIB library        */
    /* &TFLIB holds the library named in the   */
    /* request; its declaration and the %SST   */
    /* offset are not shown on this slide      */
    /*******************************************/
    IF         COND(&APP2 *EQ 'REPLACE') THEN(DO)
      IF       COND(&TFLIB *NE 'UP_LIB ') THEN( +
                 CHGVAR &RC '0')           /* Prevent request */
    ENDDO
    IF         COND(&APP2 *EQ 'SELECT') THEN(DO)
      IF       COND(&TFLIB *NE 'DOWN_LIB ') THEN( +
                 CHGVAR &RC '0')           /* Prevent request */
    ENDDO
    /*******************************************/
    /* Log request in the audit journal        */
    /*******************************************/
    LOG:       CHGVAR VAR(&TYPE) VALUE('X' *CAT &RC)
               SNDJRNE JRN(QAUDJRN) TYPE(&TYPE) +
                 ENTDTA(&STRU)
    EXIT:      ENDPGM

28 EXIT2 - File Transfer Exit

1 of 3

    /*===============================================================*/
    /* To compile:                                                   */
    /*   CRTCLPGM PGM(XXX/EXIT2) SRCFILE(XXX/QCLSRC) +               */
    /*            USRPRF(*OWNER)                                     */
    /*                                                               */
    /* Installation instructions:                                    */
    /* 1. Compile program                                            */
    /* 2. Change owner of the program to user QSECOFR.               */
    /*    Adopted authority allows the program to send               */
    /*    to the audit journal                                       */
    /*    CHGOBJOWN OBJ(XXX/EXIT2) OBJTYPE(*PGM) +                   */
    /*              NEWOWN(QSECOFR)                                  */
    /* 3. Name the exit program in the registration facility         */
    /*    ADDEXITPGM EXITPNT(QIBM_QZDA_NBR1) +                       */
    /*               FORMAT(ZDAD0100) PGMNBR(1) +                    */
    /*               PGM(XXX/EXIT2) REPLACE(*NO) +                   */
    /*               TEXT('limit to specific libraries')             */
    /* The request is recorded in the audit journal.                 */
    /* The audit journal QAUDJRN entries created are:                */
    /*   'Z1' = requests that are allowed                            */
    /*   'Z0' = requests that are rejected                           */
    /*===============================================================*/
    PGM        PARM(&RC &REQUEST)
    DCL        VAR(&RC)      TYPE(*CHAR) LEN(1)   /* 1=allow 0=prevent  */
    DCL        VAR(&REQUEST) TYPE(*CHAR) LEN(700) /* request description */
    DCL        VAR(&TYPE)    TYPE(*CHAR) LEN(2)   /* journal entry type  */

29 EXIT2 - File Transfer Exit

2 of 3

    /* Function identifiers passed in format ZDAD0100 */
    DCL        VAR(&X1800) TYPE(*CHAR) LEN(4) +
                 VALUE(X'00001800')   /* create database file */
    DCL        VAR(&X1801) TYPE(*CHAR) LEN(4) +
                 VALUE(X'00001801')   /* create source file   */
    DCL        VAR(&X1802) TYPE(*CHAR) LEN(4) +
                 VALUE(X'00001802')   /* add member           */
    DCL        VAR(&X1803) TYPE(*CHAR) LEN(4) +
                 VALUE(X'00001803')   /* clear member         */
    DCL        VAR(&X1804) TYPE(*CHAR) LEN(4) +
                 VALUE(X'00001804')   /* delete member        */
    DCL        VAR(&X1805) TYPE(*CHAR) LEN(4) +
                 VALUE(X'00001805')   /* file override        */
    DCL        VAR(&X1806) TYPE(*CHAR) LEN(4) +
                 VALUE(X'00001806')   /* delete file override */
    DCL        VAR(&X1807) TYPE(*CHAR) LEN(4) +
                 VALUE(X'00001807')   /* create save file     */
    DCL        VAR(&X1808) TYPE(*CHAR) LEN(4) +
                 VALUE(X'00001808')   /* clear save file      */
    DCL        VAR(&X1809) TYPE(*CHAR) LEN(4) +
                 VALUE(X'00001809')   /* delete file          */
    /* OPTIMIZED DATABASE SERVER DECLARES */
    DCL        VAR(&DBFMT)  TYPE(*CHAR) LEN(8)   /* format name           */
    DCL        VAR(&DBFID)  TYPE(*CHAR) LEN(4)   /* function identifier   */
    /* THE FOLLOWING PARAMETERS ARE ADDITIONAL FOR FORMAT ZDAD0100 */
    DCL        VAR(&DBFILE) TYPE(*CHAR) LEN(128) /* file name             */
    DCL        VAR(&DBLIB)  TYPE(*CHAR) LEN(10)  /* library name          */
    DCL        VAR(&DBMBR)  TYPE(*CHAR) LEN(10)  /* member name           */
    DCL        VAR(&DBAUT)  TYPE(*CHAR) LEN(10)  /* authority to file     */
    DCL        VAR(&DBBFIL) TYPE(*CHAR) LEN(128) /* based on file name    */
    DCL        VAR(&DBBLIB) TYPE(*CHAR) LEN(10)  /* based on library name */
    DCL        VAR(&DBOFIL) TYPE(*CHAR) LEN(10)  /* override file name    */
    DCL        VAR(&DBOLIB) TYPE(*CHAR) LEN(10)  /* override library name */
    DCL        VAR(&DBOMBR) TYPE(*CHAR) LEN(10)  /* override member name  */

30 EXIT2 - File Transfer Exit

3 of 3

    MONMSG     MSGID(CPF0000) EXEC(GOTO CMDLBL(EXIT))
    /* Allow request unless rejected by program */
    CHGVAR     VAR(&RC) VALUE('1')
    /* Set variables from request description */
    CHGVAR     VAR(&DBFMT)  VALUE(%SST(&REQUEST 21 8))
    CHGVAR     VAR(&DBFID)  VALUE(%SST(&REQUEST 29 4))
    CHGVAR     VAR(&DBFILE) VALUE(%SST(&REQUEST 33 128))
    CHGVAR     VAR(&DBLIB)  VALUE(%SST(&REQUEST 161 10))
    CHGVAR     VAR(&DBMBR)  VALUE(%SST(&REQUEST 171 10))
    CHGVAR     VAR(&DBOFIL) VALUE(%SST(&REQUEST 329 10))
    CHGVAR     VAR(&DBOLIB) VALUE(%SST(&REQUEST 339 10))
    CHGVAR     VAR(&DBOMBR) VALUE(%SST(&REQUEST 349 10))
    /* File override: allow only the UP_LIB and DOWN_LIB libraries */
    IF         COND(&DBFID = &X1805) THEN(DO)
      IF       COND(&DBOLIB = 'UP_LIB') THEN(GOTO LOG)
      IF       COND(&DBOLIB = 'DOWN_LIB') THEN(GOTO LOG)
      CHGVAR   VAR(&RC) VALUE('0')          /* Prevent the request */
    ENDDO
    /* Log request in the audit journal */
    LOG:       CHGVAR VAR(&TYPE) VALUE('Z' *CAT &RC)
               SNDJRNE JRN(QAUDJRN) TYPE(&TYPE) ENTDTA(&REQUEST)
    EXIT:      ENDPGM

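As an added example (not code from the presentation), the following Python emulates the decision logic of EXIT1 (slides 22-23) and EXIT2 (slides 28-30) over constructed request buffers, so the fixed-offset layouts and the allow/reject/journal outcomes can be exercised offline. The buffers are ASCII here rather than EBCDIC, and the exempt-user set stands in for the slide's 'XXXXXXXXX' placeholder; both are assumptions.

```python
from typing import Optional, Tuple

UP_LIB, DOWN_LIB = "UP_LIB", "DOWN_LIB"   # libraries in which transfers stay allowed
X1805 = b"\x00\x00\x18\x05"                # ZDAD0100 function id: file override
X1800 = b"\x00\x00\x18\x00"                # ZDAD0100 function id: create database file


def sst(buf, start: int, length: int) -> str:
    """CL %SST(&VAR start length) equivalent: 1-based start, trailing blanks dropped.
    Constructed buffers here are ASCII (assumption); on the system they are EBCDIC."""
    chunk = buf[start - 1:start - 1 + length]
    return (chunk.decode("ascii") if isinstance(chunk, bytes) else chunk).rstrip()


def build_pcsacc(user: str, app1: str, app2: str) -> str:
    """Constructed 200-byte PCSACC/DDMACC request: user 1-10, application 11-20, function 21-30."""
    return (user.ljust(10) + app1.ljust(10) + app2.ljust(10)).ljust(200)


def exit1(stru: str, exempt=frozenset()) -> Tuple[str, Optional[str]]:
    """EXIT1 rules (slides 22-23). Returns (&RC, &TYPE); &TYPE is None when not journaled."""
    user, app1, app2 = sst(stru, 1, 10), sst(stru, 11, 10), sst(stru, 21, 10)
    rc = "1"                                       # allow unless a rule below rejects
    if app1 == "*LMSRV":                           # IBM license check: not journaled
        return rc, None
    if user in exempt:                             # exempt user: journaled, never rejected
        return rc, "X" + rc
    if app1 == "*DDM" and app2 == "COMMAND":       # remote command via DDM
        rc = "0"
    elif app1 == "*TFRFCL" and app2 == "REPLACE":  # PC -> AS/400 upload
        rc = "0"
    return rc, "X" + rc


def build_zdad0100(fid: bytes, lib: str = "", olib: str = "") -> bytes:
    """Constructed 700-byte ZDAD0100 request at the offsets EXIT2 extracts:
    format 21-28, function id 29-32, library 161-170, override library 339-348."""
    buf = bytearray(b" " * 700)
    buf[20:28] = b"ZDAD0100"
    buf[28:32] = fid
    buf[160:170] = lib.ljust(10).encode("ascii")
    buf[338:348] = olib.ljust(10).encode("ascii")
    return bytes(buf)


def exit2(request: bytes) -> Tuple[str, str]:
    """EXIT2 rules (slides 28-30): reject a file override (x'00001805') whose
    library is neither UP_LIB nor DOWN_LIB; every request is journaled as Z1/Z0."""
    rc = "1"
    if request[28:32] == X1805 and sst(request, 339, 10) not in (UP_LIB, DOWN_LIB):
        rc = "0"
    return rc, "Z" + rc
```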
31 Outline

• Exit Program Overview
• Sample Exit Programs
    Client Access File Transfer
    Other exits: FTP & Telnet
• Design Alternatives

32 Outline

• Exit Program Overview
    Why do I need exit programs?
    What is the purpose of exit programs?
    If exit programs don't exit, why are they called exit programs?
• Sample exit program
    Limit file transfer and commands
• Design Alternatives

33 Compare to constant

Exit Design Alternative

Constant:  IF (&USER = 'ELLEN ')

Advantages
  • Excellent performance
  • Easy to determine program flow
Limitations
  • Must recompile program to make any change
  • Security specification uses a different technique

34 Read from File

Exit Design Alternative

Advantages
  • Good performance
  • Add and remove users without recompiling program
Limitations
  • Program logic more complex
  • Security specification uses a different technique

35 Exit Design Alternative

Authorization list users

Advantages
  • Good performance
  • Add and remove users without recompiling program
  • Security specification uses the same technique
Limitations
  • Program logic more complex

36 Check an Authorization List

    IF         COND(………………. ) THEN(DO)
      /* CHKOBJ tests the authority of the job running the exit, */
      /* including any authority the program adopts              */
      CHKOBJ   OBJ(QSYS/FILEREAD) +
                 OBJTYPE(*AUTL) AUT(*USE)
      MONMSG   MSGID(CPF9800) +
                 EXEC(CHGVAR &RC '0')     /* Not authorized: prevent request */
      GOTO     LOG
    ENDDO

Possible to check for different authorities:
  • *USE for Read actions
  • *CHANGE for Update actions

37 File Transfer Transactions

38 Summary

39 SUMMARY

Menu security is not adequate to limit a user. You must protect data from access via the other Client Access servers:

• FILE TRANSFER
• REMOTE COMMANDS
• FOLDER ACCESS

Use exit programs to supplement object security

40 Summary

Specifying exit programs using network attributes is not recommended:
  • Increased overhead
  • Network attributes support only a limited set of exits

Use the Registration Facility to specify exit programs

41 Information Sources

Exit Point Documentation
  • Client Access (File transfer, ODBC): AS/400 Client Access Host Servers, SC41-5740
  • Distributed Data Management (DDM, remote commands): AS/400 Distributed Data Management, SC41-5307
  • Internet (Telnet, FTP): TCP/IP Configuration and Reference, SC41-5420
  • Security: System API Reference - Security APIs, SC41-5872

42 Information Sources

MANUALS
  • SC41-5300 Tips and Tools for Securing Your AS/400
  • SC41-5301 AS/400 Security Basic
  • SC41-5302 AS/400 Security Reference
Internet
  • S325-6321 IBM Secure Way AS/400 and the Internet
  • G325-6321 AS/400 and the Internet
  • SG24-4929 AS/400 Internet Security: Protecting Your AS/400 from HARM on the Internet

43 More ?

Jim Stracka
j.stracka@pentasafe.com
www.pentasafe.com
713-860-9412 - direct

«AS400 Security»
http://900igr.net/prezentacija/anglijskij-jazyk/as400-security-107814.html