DataDirect Mainframe Security Optimization Management
As Service-Oriented Architectures (SOA) and Web services continue to gain acceptance, the seamless re-use of mainframe data, programmatic, and screen-based processes is becoming routine. Mainframe integration products such as Shadow z/Services and z/Services Consumption allow the mainframe to participate in SOA as both a service provider and a service consumer.
Click Graphic for a full-sized image
Eliminating The Mainframe Web Services Bottleneck
This stateless SOAP protocol calls attention to the need for appropriate security and management features, Shadow's SSL support and Security Optimization and Management enhancements reinforce existing mainframe security protocols provide the ability to properly authenticate and authorize each and every SOAP request. The overhead of addressing sign-on processing for the thousands of Web services related connections back to the mainframe security manager creates a potential bottleneck that can throttle application performance and waste CPU cycles.
Shadow incorporates Security Optimization & Management (SOM) into its framework as a standard feature. For any process requiring authentication - for example, a Web service or SQL call - SOM works in conjunction with the established client and host security protocols to optimize user authentication for sign-on processing.
Real Reduction In Overhead
This results in a significant reduction in resource costs associated with processing of loosely-coupled connections. DataDirect Technologies testing shows an overall reduction of 138% in authentication overhead for more than 99.3% of the processes requiring authentication. This is faster than IBM's VLM.
Support for SSL Encryption
Shadow can optionally support SSL encryption of communications between distributed applications and the mainframe. SSL is one of the highest client/server security standards in use today. The support of the SSL module meets the most demanding security needs in the industry.
SSL, a program layer between an application and TCP/IP, provides data encryption, server authentication, message integrity and optional client authentication for a TCP/IP connection. The term "sockets" refers to the method used to pass data back and forth between a client and server, or between program layers in the same computer. To do this, SSL uses the public and private key encryptions system, including the issuance of a digital certificate.
Shadow fully supports the choreography of SSL between the application platform suite and the mainframe. Shadow facilities manage digital certificates and exploit the cryptographic co-processor on mainframes for enhanced performance.
Making Web Services Viable
Shadow's security enhancements SOM and SSL combine to make Web services, as well as any other authentication request on the mainframe, viable by eliminating the overhead of authenticating thousands of loosely-coupled connections. The mainframe can serve as a lynchpin in a corporate SOA strategy - encapsulating mission-critical applications and data as XML-based Web services for consumption by service requesters inside and outside the firewall.
| More Information | |||||||||||||||||
|
