123ArticleOnline Logo
Welcome to 123ArticleOnline.com!
ALL >> Computers >> View Article

Secure Transfers On Z/os Ftp With Data Encryption

Profile Picture
By Author: Nate Rodney
Total Articles: 499
Comment this article
Facebook ShareTwitter ShareGoogle+ ShareTwitter Share

In a standard FTP session, all the data, including log-in credentials, are transferred in plain text. It is easy to snoop around an FTP transmission and capture sensitive data, resulting in great loss for a business. Mainframes contain business–critical information, so FTP use on the mainframe can be fatal for an organization.

File transfer technologies on z/OS
To avoid security issues caused by using FTP, the protocol has been extended a number of times with different security protocols/technologies. The security protocols/technologies provide authentication mechanisms to identify both ends of a connection, message integrity to ensure messages don't change in transit, confidentiality protection to prevent eavesdropping, and non-repudiation to provide undeniable proof that a message was sent and received, and by whom. They help to mitigate identity theft, theft of service, and eavesdropping. They ensure accountability. Most security technologies provide similar functions. They differ chiefly by operating at different layers of the IP stack layer.

On the z/OS platform, the most common technologies ...
... for secure file transfer are IPSec, SSH, and SSL/TLS.

Understanding SSL/TLS
FTP over SSL/TLS, better known as FTPS, is an extension that adds security to regular FTP by adding SSL (Secure Sockets Layer) and TLS (Transport Layer Security) cryptographic protocols. SSL is the original version of the technology. TLS is its successor. SSL/TLS is commonly used to protect HTTP sessions (the HTTPS protocol) as well as FTP sessions (FTPS).

SSL and TLS are widely recognized protocols that allow mutual authentication by establishing an authenticated and encrypted communication between the client and the server. Strong authentication, privacy, message integrity, algorithm flexibility, and ease of deployment and use are a few of the benefits of using SSL/TLS over other methods. On z/OS, SSL/TLS can be used by configuring AT-TLS (application-transparent TLS), which implements SSL/TLS security at the TCP transport layer, rather than at individual applications.

Cryptographic encryption
In cryptographic encryption, mathematical algorithms are used to transform data. The encrypted data is unreadable without the help of a secret key. The longer the key, the stronger the security. The chief limitation of cryptographic encryption is that it is CPU-intensive. It increases processor loads and thus affects system performance.

There are two types of encryption keys: symmetric and asymmetric.

Symmetric keys
Also known as conventional cryptography or secret-key encryption, this strategy requires both the client and the server to share a common key, which is used to encrypt and decrypt a message. This type of encryption is fast and is often used for bulk encryption/decryption. The major disadvantage lies with the task of securely exchanging the key.

Asymmetric keys
Also known as public-key cryptography, this method requires two different keys: the public key is for encryption; the private key for decryption. You can send me your public key. I can encrypt and send to you a message that only you can read, because only you have the private key. Data encrypted with the public key can only be decrypted with the private key. There is no way to derive one key from the other. Drawbacks of this method, however, are expensive computing processes, slower speed, and poor performance for bulk encryption.

Digital signatures
A digital signature holds a message digest (a key mathematically derived from the message data) encrypted with the sender's private key. Anyone can decrypt the signature with the public key, though only the signer can encrypt it. And anyone can re-generate a new message digest and compare it to the one in the signature. If the two digests match, the message has not been tampered with. Thus a digital signature confirms that the authorized person sent precisely this message; no one else has modified the text or tampered with the signature. This way, digital signatures ensure the integrity of the message and provide non-repudiation.

Since 1982, Software Diversified Services is providing first-quality software and technical support for IBM mainframes and VM, VSE, and mainframe ftp and z/OS systems. The VitalSigns for FTP (VFTP) product from SDS, provides monitoring, reporting, and security controls for file transfers by z/OS FTP, IBM Ported Tools OpenSSH, and enables Tectia SFTP.

Total Views: 229Word Count: 663See All articles From Author

Add Comment

Computers Articles

1. Exploring How Ai In The Cloud Can Transform Your Business
Author: TechDogs

2. The Power Of Cloud And Ai: A New Era Of Collaboration
Author: TechDogs

3. Get Business Insights Using Expedia & Booking. Com Review Data Scraping
Author: DataZivot

4. Top 10 Reasons A Strong Communication Strategy Drives Prm Program Success
Author: Archi

5. Achieve Scalable Web Scraping With Aws Lambda
Author: Devil Brown

6. Overcoming Common Challenges In Iso 27001 Implementation
Author: Jenna Miller

7. Basic Computer Course: Your Gateway To Skill Development | The Institute Of Professional Accountants
Author: Tipa Institute

8. Top 7 Advantages Of React Js
Author: Bella Stone

9. Top 7 App Marketing Tools For Mobile Success
Author: Bella Stone

10. Revolutionizing Education Management With Samphire It Solution Pvt Ltd’s Erp Software
Author: CONTENT EDITOR FOR SAMPHIRE IT SOLUTIONS PVT LTD

11. Top 10 Healthcare Technology Trends
Author: goodcoders

12. "building Tomorrow’s Factories: The Role Of Automation & Robotics In Modern Manufacturing"
Author: andrew smith

13. The Ultimate Guide To The Best Ecommerce Plugin For Wordpress
Author: Rocket Press

14. Xsosys Erp: A Scalable Solution For Businesses In Any Industry
Author: Xsosys Technology(S) Pte. Ltd.

15. Rental Management Software: A Complete Solution For Car, Property, And Coworking Space
Author: RentAAA

Login To Account
Login Email:
Password:
Forgot Password?
New User?
Sign Up Newsletter
Email Address: