Figures
1. Enterprise-Wide Security Architecture and Solutions . . . . . . . . . . . . 1
2. Customer Testimonials
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
3. Current Environment
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
4. Security is a Serious Customer Problem
. . . . . . . . . . . . . . . . . . . 6
5. Threats in Today′s Electronic World
. . . . . . . . . . . . . . . . . . . . . . 8
6. Leading User Group Requirements
. . . . . . . . . . . . . . . . . . . . . . 10
7. Strategic Security Drivers
. . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
8. Security Standards and Criteria
. . . . . . . . . . . . . . . . . . . . . . . . 17
9. Responding to Customer Needs
. . . . . . . . . . . . . . . . . . . . . . . . 19
10. Developing a Security Policy
.......................... 22
11. The Security Process Cycle
........................... 23
12. IBM Security Strategy and Architecture
.................... 25
13. IBM Security Strategy (Stage1)
......................... 26
14. IBM Security Strategy (Stage2)
......................... 29
15. IBM Security Architecture
............................ 30
16. System Integrity, Assurance and Trust
.................... 32
17. Security Services
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
18. Security Mechanisms
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
19. Security Mechanisms
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
20. Identification and Authentication Service
................... 41
21. Entity Authentication Mechanism
........................ 42
22. Access Control Service
............................. 45
23. Access Control Mechanisms
.......................... 46
24. Confidentiality Service
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
25. Encipherment/Decipherment Mechanisms
. . . . . . . . . . . . . . . . . . 52
26. Data Integrity Service
.............................. 54
27. Data Integrity Mechanisms
........................... 55
28. Non-Repudiation Service
. . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
29. Digital Signature Mechanism
.......................... 59
30. Security Management, Audit and Policy
................... 61
31. IBM Security Architecture Summary
...................... 63
32. IBM′s Ongoing Commitment
.......................... 64
33. Standards, Interfaces and Architectures
................... 67
34. Standards, Interfaces and Architectures (continued)
............ 69
35. Related Strategies and Architectures
..................... 71
36. IBM′s Open Blueprint
.............................. 72
37. DCE Security Services
.............................. 75
38. Object Oriented Security
............................. 77
39. System Management (SystemView)
...................... 81
40. Information Warehouse
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
41. IBM Common Cryptographic Strategy
..................... 86
42. Security Evaluation Strategy
.......................... 88
43. Platform Security
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
44. Platform Security Support Overview
...................... 92
45. MVS/ESA and RACF
............................... 93
46. MVS/ESA Open Edition
.............................. 96
47. VM/ESA and RACF
................................ 98
48. System Authorization Facility (SAF)
..................... 100
49. OS/400
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102
50. AIX/6000
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
51. OS/2
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107
Copyright IBM Corp. 1995 ix