PHP is rapidly becoming - if not already - the defacto-standard for Web application development and deployment. Writing PHP applications that accurately enforce your security policies requires knowledge of the general architecture of PHP as well as the i5/OS specific components of the architecture.

1. I5/OS Security in a PHP World Patrick Botz VP, Security Consulting Group8 Security, Inc. www.group8security.com

45. ABOUT GROUP8 SECURITY: At Group8, we believe that IT security is first and foremost a business issue. It has technical aspects but is not inherently a technical problem. Security is something a company does, not something they have or can buy. Our mission is to partner with you to help define, implement, and manage your security. We'll do this by helping you establish and manage business processes that lead to sound IT security business decisions. Together we'll define security objectives in terms of business requirements, and make technical decisions based on costs and return on investment as well as the effectiveness of the technical measures employed to enforce business objectives. Group8 Security, Inc. 4790 Caughlin Pkwy, Suite 398 Reno, NV 89519-0907 Tel: 775-852-8887 www.group8security.com ABOUT THE SPEAKER: Pat Botz heads up security consulting for Group8, bringing his extensive experience in system security planning to our customers. Prior to joining Group8, Pat served as the Lead Security Architect and Team Leader for the IBM, working on some of the most widely used midrange servers is the business world with a focus on authentication, authorization, auditing, and ease of use. Following his work on System i and the IBM Virtualization Engine, Pat founded the IBM Lab Services security consulting practice with a primary focus on helping customers meet various industry regulations such as SOX, PCI DSS, and SAS 70. He additionally worked to help customers improve the effectiveness and efficiency of their current security management processes, assisting them with moving to exclusionary access control models, eliminating passwords in various environments, managing User IDs, implementing encryption, and auditing on various platforms. Pat is co-author of the book /Expert’s Guide to OS/400 and i5/OS Security/, and has published numerous articles in the trade press and IBM magazines. He is also a noted worldwide security conference speaker, presenting at various conferences and in webcasts including COMMON, IBM Technical Conference, various user groups, St. Cloud State University Security conference, and IBM Business Partner conferences.