DB2 Web Query Enabled for SSO

Posted on 12/09/2013 by Patrick Botz

IBM DB2 Web Query for i is a replacement for the venerable Query/400 utility. It is used for generating business reports from data stored in DB2 databases on IBM i. It sports a browser-based interface and can generate formatted and interactive reports in multiple formats including spreadsheet, PDF, and HTML.

Until very recently DB2 Web Query did not support SSO via the Kerberos authentication protocol. Many IBM i interfaces support the Kerberos protocol, including telnet server, Client Access host servers (which includes several different interfaces include iNavigator for Windows), ODBC, Apache Web server, Netserver, FTP client, and others. So the lack of Kerberos support in DB2 Web Query was noticeable and frustrating.

facebooktwittergoogle_pluspinterestlinkedinmail
Posted in IBM i Security, Information Security, Single Sign-On (SSO) | Tagged , , , , | Leave a comment

SQRL: Interesting New Web Site Authentication Method

Posted on 11/14/2013 by Patrick Botz

I find this authentication mechanism for accessing Web sites and which was proposed in October 2013 very interesting.  The main reasons it’s interesting are that it would be so much easier to register at Web sites, authentication is based on public key cryptography, and users wouldn’t have to remember passwords OR userIDs.  Oh, and did I mention it relies on QR codes?  Could it be a replacement for userIDs and passwords that we can’t remember or if we can can be easily compromised?

Continue reading

facebooktwittergoogle_pluspinterestlinkedinmail
Posted in Botz Blog, Encryption, IBM i Security, Info Security Mgmt, Information Security, Mobile Security | Tagged , , , , | Leave a comment

Encryption Key Management White paper

Posted on 10/10/2013 by Patrick Botz

I recently collaborated with Patrick Townsend, CTO Townsend Security, on an encryption key management white paper.  The paper is targeted at the IBM i audience but actually contains useful information for folks using any platform.

Continue reading

facebooktwittergoogle_pluspinterestlinkedinmail
Posted in Botz Blog, Compliance, Encryption, IBM i Security, Info Security Mgmt, Information Security | Tagged , , , , , , | Leave a comment

Use Kerberos with XCEL ODBC transfers

Posted on 10/01/2013 by Patrick Botz

 Many customers download or update data to/from IBM i using XCEL spreadsheets.  When they start using Kerberos authentication, end users won’t want to sign-on when they access data through XCEL.

Continue reading

facebooktwittergoogle_pluspinterestlinkedinmail
Posted in Botz Blog, IBM i Security, Single Sign-On (SSO) | Tagged , , , , , , | Leave a comment

Java patches for IBM i

Posted on 09/20/2013 by Patrick Botz

IBM recently (the week of 9/13/2013) released a security bulletin discussing 45 different flaws — some of which are potentially critical — that can impact Java running on IBM i.

Continue reading

facebooktwittergoogle_pluspinterestlinkedinmail
Posted in Botz Blog, IBM i Security, Info Security Mgmt, Information Security | Tagged , , , , | Leave a comment

Can the government compel you to provide your fingerprint?

Posted on 09/16/2013 by Patrick Botz

An interesting article in Marsha Hofmann in Wired claims that while the 5th amendment protects your right to not reveal a password, it doesn’t protect your right not to provide your fingerprint.

Continue reading

facebooktwittergoogle_pluspinterestlinkedinmail
Posted in Biometrics, Botz Blog, Info Security Mgmt, Information Security, Single Sign-On (SSO) | Tagged , , , | Leave a comment

55 character passwords no longer safe!

Posted on 08/27/2013 by Patrick Botz

A popular password cracking tool was recently updated to handle passwords up to 55 characters in length. The tool, ocl-HashCat-Plus, was previously limited to passwords up to 15 characters long.

Continue reading

facebooktwittergoogle_pluspinterestlinkedinmail
Posted in Biometrics, Botz Blog, IBM i Security, Information Security, Mobile Security, Single Sign-On (SSO) | Tagged , , , , , | Leave a comment

Thanks for feedback!

Posted on 07/18/2013 by Patrick Botz

Thanks everyone that provided feedback on the whitepaper!  An updated version of the whitepaper is now available on the website under “Downloads”.  If you find/found it useful or interesting please send a link to your friends and colleagues!  Thanks again.

facebooktwittergoogle_pluspinterestlinkedinmail
Posted in Announcement, IBM i Security, Information Security, Single Sign-On (SSO) | Tagged , , , , , , , | Leave a comment

Netserver problems with SSO in Windows 7

Posted on 07/15/2013 by Patrick Botz

Over the summer I’ve helped a number of our customers to implement SSO who, not surprisingly, had a number of users running Windows 7.  I ran into problems with Netserver authentication apparently failing.  But the problems were very perplexing.

Continue reading

facebooktwittergoogle_pluspinterestlinkedinmail
Posted in Botz Blog, IBM i Security, Single Sign-On (SSO) | Tagged , , , , , , | Leave a comment

NSA “Snooping” and Security Tradeoffs

Posted on 06/26/2013 by Patrick Botz

The ongoing NSA snooping saga illustrates an important concept in security; regardless of whether or not the behavior by our government concerns you.

Everyone has probably heard the adage that there is no such thing as perfect security. And you have probably also heard that security is a tradeoff between cost and risk.  The more risk you attempt to mitigate the more it is going to cost.
The NSA’s activities which have come to light is a great example of cost verses risk.  In this case, in an attempt to prevent another major terrorist attack in the US mounted by people already in the US, the government is gathering metadata (i.e. data about data) about US citizens in this country.  The tradeoff for US citizens is some amount of privacy.
facebooktwittergoogle_pluspinterestlinkedinmail
Posted in Botz Blog, Info Security Mgmt, Information Security | Tagged , | Leave a comment