IBM DB2 Web Query for i is a replacement for the venerable Query/400 utility. It is used for generating business reports from data stored in DB2 databases on IBM i. It sports a browser-based interface and can generate formatted and interactive reports in multiple formats including spreadsheet, PDF, and HTML.

Until very recently, DB2 Web Query did not support SSO via the Kerberos authentication protocol. Many IBM i interfaces support the Kerberos protocol, including the telnet server, Client Access host servers (which include several different interfaces, including iNavigator for Windows), ODBC, Apache Web server, Netserver, FTP client, and others. So the lack of Kerberos support in DB2 Web Query was noticeable and frustrating.

Posted in IBM i Security, Information Security, Single Sign-On (SSO)

I find this authentication mechanism for accessing Web sites, which was proposed in October 2013, very interesting.  The main reasons it’s interesting are that it would be so much easier to register at Web sites, authentication is based on public key cryptography, and users wouldn’t have to remember passwords OR userIDs.  Oh, and did I mention it relies on QR codes?  Could it be a replacement for userIDs and passwords that we can’t remember or that, if we can, can be easily compromised?

Posted in Botz Blog, Encryption, IBM i Security, Info Security Mgmt, Information Security, Mobile Security

I recently collaborated with Patrick Townsend, CTO Townsend Security, on an encryption key management white paper.  The paper is targeted at the IBM i audience but actually contains useful information for folks using any platform.

Posted in Botz Blog, Compliance, Encryption, IBM i Security, Info Security Mgmt, Information Security

Many customers download or update data to/from IBM i using Excel spreadsheets.  When they start using Kerberos authentication, end users won’t want to sign on when they access data through Excel.

Posted in Botz Blog, IBM i Security, Single Sign-On (SSO)

IBM recently (the week of 9/13/2013) released a security bulletin discussing 45 different flaws — some of which are potentially critical — that can impact Java running on IBM i.

Posted in Botz Blog, IBM i Security, Info Security Mgmt, Information Security

An interesting article by Marcia Hofmann in Wired claims that while the 5th Amendment protects your right not to reveal a password, it doesn’t protect your right not to provide your fingerprint.

Posted in Biometrics, Botz Blog, Info Security Mgmt, Information Security, Single Sign-On (SSO)

A popular password-cracking tool was recently updated to handle passwords up to 55 characters in length. The tool, oclHashcat-plus, was previously limited to passwords up to 15 characters long.

Posted in Biometrics, Botz Blog, IBM i Security, Information Security, Mobile Security, Single Sign-On (SSO)

Thanks to everyone who provided feedback on the whitepaper!  An updated version of the whitepaper is now available on the website under “Downloads”.  If you find/found it useful or interesting, please send a link to your friends and colleagues!  Thanks again.

Posted in Announcement, IBM i Security, Information Security, Single Sign-On (SSO)

Over the summer I’ve helped a number of our customers implement SSO; not surprisingly, they had a number of users running Windows 7.  I ran into problems with Netserver authentication apparently failing.  But the problems were very perplexing.

Posted in Botz Blog, IBM i Security, Single Sign-On (SSO)

The ongoing NSA snooping saga illustrates an important concept in security, regardless of whether or not the behavior by our government concerns you.

Everyone has probably heard the adage that there is no such thing as perfect security. And you have probably also heard that security is a tradeoff between cost and risk.  The more risk you attempt to mitigate the more it is going to cost.
The NSA’s activities that have come to light are a great example of cost versus risk.  In this case, in an attempt to prevent another major terrorist attack in the US mounted by people already in the US, the government is gathering metadata (i.e. data about data) about US citizens in this country.  The tradeoff for US citizens is some amount of privacy.
Posted in Botz Blog, Info Security Mgmt, Information Security