Your SlideShare is downloading. ×
Safety Review of a NonStop Data Center
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Saving this for later?

Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime - even offline.

Text the download link to your phone

Standard text messaging rates apply

Safety Review of a NonStop Data Center

344
views

Published on

Lessons learned from a safety review last year are combined with some new ideas on how to protect NonStop applications against malware and spyware - presented at the International GTUG/Connect …

Lessons learned from a safety review last year are combined with some new ideas on how to protect NonStop applications against malware and spyware - presented at the International GTUG/Connect Conference April 2014

Published in: Technology

2 Comments
1 Like
Statistics
Notes
No Downloads
Views
Total Views
344
On Slideshare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
0
Comments
2
Likes
1
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Safety Review of a NonStop Data Center by Peter Haase
  • 2. Summary  Lessons learned from a safety review last year are combined with some new ideas on how to protect NonStop applications against malware and spyware.
  • 3. “Safety Review of a NonStop Data Center”  „NonStop Data Center“  „Review“  „Safety“  Review Procedure  Review Checklist  Audit Trail Analysis  Risk: Denial of Service  Risk: Malware  Risk: Spyware  References
  • 4. NonStop Data Center  Unit with several NonStop Systems  Guardian, Pathway, TMF, Enscribe, SQL/MP  Operated by an infrastructue-as-a-service supplier
  • 5. Review  Part of an Audit on a banking application  Control of outsourced data processing  8 Items to control according to German Law  Access control on building and rooms  Access control on hardware and operating system  Access rights  Data transmission and transport  Data entry  Contractor  Availability  Data Separation
  • 6. Safety  Availability  NonStop and RDF  Replication tools for non-audited files  Emergency planning  The Denial-of-Service problem  Integrity  TMF and audited files  Audit trail analysis  Confidentiality  Guardian Security and SAFEGUARD  SECOM ID mapping and command level security  Protection against Malware and Spyware
  • 7. Review Procedures  Project Management  Before Start of Review  Guidelines for Documentation  Tools for Checking and Auditing  Checklists and Standards  Start of Review  Charts of involved organisations  Available Documentation  Past issues / Special risks  Review  Design  Operation
  • 8. Review Checklists Availability Integrity Confidentiality Emergency Planning Inventory HW, SW, Subsystems, Data files SW version, Data Dictionary PROGID, LICENSE, system interfaces Planning Monitoring HW, SW, critical events Audited DB, Audit Trail Analysis, Runtime Lib, ENSCRIBE data Session log, 4-eyes, SAFEGUARD audit, SECOM log Tests and Training Control Performance and Tuning, DoS Risk System and subsystem configuration, Malware Risk Deleted data files, Backup data, Users: super.* and *.super, Spyware Risk Confidential data
  • 9. Audit Trail Analysis  Find Long-running transactions  Find transactions that have damaged a database  Locate specific data field/column changes  Detect bugs in applications  Search for unauthorized transactions
  • 10. Risk: Denial of Service  Compiler, Binder, Debugger on Production System  TAL examples:  corrupting a cpu  ?Source $system.system.extdecs0 (alter_priority_) Proc Test Main; Begin While 1 do begin alter_priority_(199); End;  corrupting a volume  ?Source $system.system.extdecs0 (file_create_) Proc Test Main; Begin String .system[0:35] := „$system“; Int Len := 7; While 1 do begin file_Create_(SYSTEM:36,Len); End  But, same effects possible by TACL programming
  • 11. Risk: Malware  Security for files belonging to functional user  Data and program files  Especially: *CSTM and *LOCL and *CTL files  Default: no echo from FUP  Command „Password“ in TACLCSTM deletes current password  User and security setting for PATHWAY Management  SET PATHWAY OWNER <group>, <user>  SET PATHWAY SECURITY “<O or U>"
  • 12. Risk: Spyware  LINKMON server class access security SET SERVER OWNER <group>, <user> SET SERVER SECURITY “<O or U>"  But, access to server processes is still possible.  Default: Any process can open a process and send a message.  Possible Solutions  Adding logic to server program for checking requestors  SAFEGUARD ACLs on the process name  SAFEGUARD active and tool PS-Shell
  • 13. References  Product CS-TP-SPY (Audit Trail Analysis) of CS-Software Gmbh Dr. Werner Alexi Schiersteiner Straße 31, 65187 Wiesbaden, Germany E-Mail: info@cs-software-gmbh.de  Ideas and Tools of GreenHouse Software & Consulting Ingenieurbuero Karl-Heinz Weber Heinrichstrasse 12, 45711 Datteln-Horneburg, Germany E-Mail: info@greenhouse.de  My list of 117 Greenhouse Tools as a give-away
  • 14. Peter Haase  Peter Haase Programmer, Trainer, Consultant for HP NonStop since 1981  D-56820 Mesenich/Moselle , Kirchstr. 12  +49-2673-98600  +49-171-8442242  info@peterhaase.de  www.peterhaase.de