
IBM Corporation

IMS Database Encryption for IMS
Philadelphia IMS User Group, May 21, 2015

Dennis Eichelberger
IT Specialist, IMS Support – zGrowth Team of the Washington Systems Center
[email protected]

Really? You can do this online now.

Sophisticated attackers break through safeguards every day

Attack types (bubble chart): SQL injection, Watering hole, Physical access, Malware, Third-party software, DDoS, Spear phishing, XSS, Undisclosed

Note: Size of circle estimates relative impact of incident in terms of cost to business. Source: IBM X-Force Threat Intelligence Quarterly – 1Q 2014

2011 – Year of the breach
2012 – 40% increase
2013 – 500,000,000+ records breached

61% of organizations say data theft and cybercrime are their greatest threats (2012 IBM Global Reputational Risk & IT Study)

$3.5M+ average cost of a data breach (2014 Cost of Data Breach, Ponemon Institute)

Compromises Take Weeks and Months to Discover

Time span of events by percent of breaches (chart)
Source: http://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf?CMP=DMC-SMB_Z_ZZ_ZZ_Z_TV_N_Z038

Data is the key target for security breaches… and Database Servers Are The Primary Source of Breached Data

Source: http://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf
2012 and 2013 Data Breach Report from Verizon Business RISK Team

Why?

Database servers contain your client’s most valuable information
– Financial records
– Customer information
– Credit card and other account records
– Personally identifiable information
– Patient records

High volumes of structured data
Easy to access

“Web application and database servers form another logical grouping, and once again account for most of the records breached. That makes sense because, well, those assets store a lot of records.”

Key concerns

Mainframe customers are more vulnerable to security incidents

Source: IBM Webinar 2/6/2014, Security Intelligence Solutions for System z and the Enterprise

“As mainframes become a major component in service-oriented architectures, they are increasingly exposed to malware. Web services on the mainframe have significantly impacted security.”
Meenu Gupta, President, Mittal Technologies Inc.

The solution…

50% concerned with privileged insiders
21% concerned with advanced persistent threats
29% concerned with web-enabled z/OS apps
86% of customers agree that deploying multiple layers of defense provides the best mainframe protection

But System z is already secure - Why need more?

• Separation of duties
  o Privileged users “need to know” vs abuse or mistake
  o Trace-based auditing controlled by privileged users
  o SAF plays a vital role in protection of data on z/OS, but is not tamper-resistant and actionable
• Achieving audit readiness is labor-intensive and introduces latency
  o RACF lacks sufficient granularity for reporting
  o IMS logging is real time, but reporting of that information is usually ‘after the fact’
• Real time vs. batch processing
  o Batch processing of audit data from external sources prevents real time alerting

Data Protection Drivers
– Industry Compliance
– Regulatory Compliance
– Information Governance

Industry Compliance Driving Data Protection

PCI “Payment Card Industry” compliance…
• World-wide accepted standards that protect against credit card fraud
  - Requires adaptation of business controls to protect against compromising sensitive data
• Examples of standards
  - Protect stored cardholder data
  - Restrict access to cardholder data by business on a “need-to-know”
  - Restrict physical access to cardholder data

PCI “Payment Card Industry” compliance (cont’d)
• PCI standards require sensitive personal information of credit card holders to be encrypted, including:
  - Account number
  - Expiration date
  - Name and address
  - Social Security number
• Compressed data is not acceptable as data encryption
• Many encryption techniques and algorithms

Regulatory Compliance Driving Data Protection

Governmental Regulations
• Basel III (2010-2011) − Measurement of total banking risk based on capital adequacy, stress tests and market liquidity risks
• Sarbanes-Oxley Act (2002) − Strengthen financial reporting and internal controls by fixing responsibility within a company’s management
• HIPAA (1996) − Provide national standards for electronic health care records and secure those medical records, prove how they have been used and who has used them
• Patriot Act (2001) − Prevent usage of the financial system to support illegal activities, particularly terrorism
• Various anti-money laundering (AML) − Prevent the laundering of money derived from illegal activities
• Gramm-Leach-Bliley Act (1999) − Protection of personally identifiable financial information (PII)

Cryptographic Standards

• CCA (Common Cryptographic Architecture)
• PKCS (Public-Key Cryptography Standards)
• OCSF (Open Cryptographic Services)
• ANSI (American National Standards Association)
• ISO (International Organization for Standardization)
• FIPS (Federal Information Processing Standards)

Cryptographic Functions

• Data Confidentiality
  o Symmetric – DES/TDES, AES
  o Asymmetric – RSA, Diffie-Hellman, ECC
• Data Integrity
  o Modification Detection
  o Message Authentication
  o Non-repudiation
• Financial Functions
• Key Security & Integrity

Data Protection - Not Just an Activity for One Group

Initial concerns and questions
- What is the right database encryption solution?
- Would the application need to be modified?
- Would application performance be impacted?
- Which group will own key management?
- What is the security team’s role?
- What is the audit team’s role?
- What is the IMS systems programmer’s role?
- What is the DBA’s role?

Focal Areas for a Strong Security Strategy

Encrypting the data
• Reduce the liability even if data is accessed: using encryption reduces the usability of that data
Monitoring access to the data
• Have visibility to data access -- identify who accessed data, when it was accessed or updated

Encryption is a technique used to help protect data from unauthorized access
Data that is not encrypted is referred to as “clear text”
Clear text is encrypted by processing with a “key” and an encryption algorithm
– Several standard algorithms exist, including DES, TDES and AES (next slide)
Keys are bit streams that vary in length
– For example AES supports 128, 192 and 256 bit key lengths

Encryption Process (diagram): Clear Text + Key → Encryption algorithm (e.g. AES) → Ciphertext (Encrypted Data)

Decryption Process (diagram): Ciphertext + Key → Encryption algorithm → Clear Text

Encryption Algorithms – Which Ones Are Best?

DES (Data Encryption Standard)
− 56-bit, viewed as weak and generally unacceptable today by the NIST
TDES (Triple Data Encryption Standard)
− 128-bit, universally accepted algorithm
AES (Advanced Encryption Standard)
− 128- or 256-bit, newest commercially used algorithm

What is acceptable?
– DES is viewed as unacceptable
– TDES is viewed as acceptable and compliant with NIST (National Institute of Standards and Technology)
– AES 128 or 256 is also viewed as acceptable and strategic

Encryption Algorithms – Which Ones Are Best?

DES (Data Encryption Standard)
− 56-bit, viewed as weak and generally unacceptable today

Diagram: Plain text → Encrypt (Key 1) → Encrypted text; reverse to decrypt

Encryption Algorithms – Which Ones Are Best?

TDES (Triple Data Encryption Standard)
− 128-bit, universally accepted algorithm
Note: same key can be used for each step for DES compatibility

Diagram: Plain text → Encrypt (Key 1) → Cipher text 1 → Decrypt (Key 2) → Cipher text 2 → Encrypt (Key 3) → Cipher text 3; reverse process to decrypt

Encryption Algorithms – Which Ones Are Best?

AES (Advanced Encryption Standard)
− 128-, 192- or 256-bit, newest commercially used algorithm

Rijndael Algorithm
• Block Cipher (16-byte blocks)
• 128, 192, 256-bit Key Length
• Multiple Rounds
• Four Steps per Round
  o Byte Substitution
  o Shift Row
  o Mix Column
  o Add Round Key

Encryption Algorithms – Which Ones Are Best?

For more information:
– TDES: NIST Special Publication 800-67 V1, entitled "Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher", can be found at http://csrc.nist.gov/publications/nistpubs/800-67-Rev1/SP-800-67-Rev1.pdf
– AES: NIST FIPS Publication 197, entitled "Announcing the Advanced Encryption Standard (AES)", can be found at http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf

Why do we care about the lengths of keys and hashes?

The longer a key, the lower the probability of guessing the right key
The longer a hash, the lower the probability of guessing a matching text for a given hash
– Key and hash sizes that are considered secure change over time

Cryptography is not security, it is only low probability!? - But “Low” is “VERY LOW”!

NIST 800-131a provides guidance on key sizes, algorithms and the time period to move to stronger hashes, longer keys and algorithms

Examples of sizes:

Integrated Cryptographic Service Facility (ICSF)

Provides: z/OS integrated software support for data encryption

Operating System S/W API Interface to Cryptographic Hardware
− CEX2/3C hardware feature for z114, z10 and z196
− CEX4S hardware feature for z12BC and z12EC
− CEX5S hardware feature for z13 (2x faster over CEX4S)

Enhanced Key Management for key creation and distribution
− Public and private keys
− Secure and clear keys
− Master keys

Created keys are stored/accessed in the Cryptographic Key Data Set (CKDS) with a unique key label
− CKDS itself is secured via Security Access Facility

See Reference Section of this presentation for more details

What are Encryption Keys?

Master Keys
– Used to generate, encrypt, and store user keys into the CKDS (Cryptographic Key Data Set)
– Loaded into the CEXnn hardware, and stored NOWHERE else

User Keys (Data Encrypting Keys)
– Generated via ICSF services
– Stored inside the CKDS
– Public or Private
– Clear or Secure
– Used by the IBM InfoSphere Guardium Encryption Tool along with the encryption algorithm to convert user data to Ciphertext

How can you as an IMS Support person achieve this?

Encryption in a Nutshell

InfoSphere Guardium Data Encryption for DB2 and IMS Databases

InfoSphere Guardium Data Encryption protects Sensitive and Private information, minimizing the liability risks associated with Information Governance.
• High Performance and Low overhead by using the available cryptographic hardware
• Uses the major encryption algorithms
• Conforms to the existing z/OS security model
• Complies with Security and Privacy regulations
• Implementation at the IMS segment level
• No changes to application programs

IMS Encryption Flow

Encryption
1. IMS application program passes a segment REPL, ISRT, or LOAD request to the IMS control region. IMS uses the DBD to determine that a Segment Edit/Compression exit is required, so IMS loads the exit.
2. The exit invokes ICSF services, passing the user-defined data encryption key label (provided by the exit) and the unencrypted segment.
3. When the segment has been successfully encrypted, the exit passes the segment back to IMS.
4. IMS then puts the encrypted segment into the database.

IMS Decryption Flow

Decryption
1. IMS application program passes a segment GET request to the IMS control region. IMS determines, from the DBD, that a Segment Edit/Compression exit is required, so IMS loads the exit.
2. IMS retrieves the encrypted segment from the database.
3. IMS then calls the exit and passes it the encrypted segment. The exit invokes ICSF services, passing the user-defined data encryption key label (provided by the exit) and the encrypted segment.
4. When the segment has been successfully decrypted, the exit passes the segment back to IMS.
5. IMS passes the decrypted segment back to the application.

There are three routines supplied with Guardium

DECENA01 – IMS Clear Key Exit routine

DECENB01 – IMS CPACF Protected Key exit routine

DECENC01 – IMS Secure Key exit routine

These routines are found in the installed dataset hlq.SDECLMD0

InfoSphere Guardium Data Encryption for DB2 and IMS Databases

To create an exit that encrypts and decrypts IMS data, the Tool can be implemented in one of two ways:
1) Through JCL. The product provides sample jobs where the JCL can be modified to meet your needs for encrypted IMS databases.
2) Using the ISPF interface. An ISPF dialog is available for you to create customized jobs for encrypting IMS database segments.

Both processes allow:
- A standalone Encryption/Decryption routine
- Encryption/Decryption in combination with database Compression

InfoSphere Guardium Data Encryption for DB2 and IMS Databases

Through JCL.

The product provides sample jobs where the JCL can be modified to meet your needs for encrypting IMS databases. These jobs can be found in the distribution libraries: hlq.SDECSAMP

Each job link edits the selected exit routine with the required Integrated Cryptographic Service Facility (ICSF) callable services.
- DECIMSCK – Clear Key, links DECENA01
- DECIMSCB – Protected Key, links DECENB01
- DECIMSJB – Secure Key, links DECENC01
- DECIMSDV – Driver exit for both compressed and encrypted IMS segments

InfoSphere Guardium Data Encryption for DB2 and IMS Databases

Using the ISPF interface.

An ISPF dialog is available for you to create customized jobs for encrypting IMS database segments. The ISPF dialog creates customized JCL based on the sample jobs from the previous slide and edited with the information the user supplies.

InfoSphere Guardium Data Encryption for DB2 and IMS Databases

How is crypto Implemented with the Data Encryption Tool for IMS?

• Implementing IMS Encryption with the Data Encryption Tool

o Generate Key using ICSF KGUP (Key Generation Update Program)

o Prepare your exit using Data Encryption Tool providing ICSF Keylabel

o Generate the DBD and ACB(s) to include the COMPRTN value

o Unload target database

o Activate the ACB to your IMS systems

o LOAD the target database

o /STA db

o Encryption is now operational

How is crypto Implemented with the Data Encryption Tool for IMS?

ISPF Dialog Walkthrough

InfoSphere Guardium Data Encryption – ISPF Main Menu
Selection 3 for Jobcard creation: standard installation Jobcard information

InfoSphere Guardium Data Encryption – ISPF Main Menu
Selection 1 for an IMS Encryption Implementation
Selections:
1 = use to create an encryption exit that will be used standalone; that is, without co-existence with a compression routine
2 = use to create both an encryption exit and a driver module to call an existing compression routine and then the encryption exit
The F1 key provides help information for the screen displayed.

Encryption routine is called DSECLEAR
The label (name) of the Encryption key that has been previously created by a security administrator
IMS Clear key selected

CSF lib = Installation Encryption services dataset
ZAP lib = Dataset containing the AMASPZAP program
SMP lib = Installed Guardium load dataset
EXIT lib = Load dataset for the new Encryption exit
Exit Name = Load module name for the new Encryption exit

Encryption program is called DSECLEAR
Guardium supplied Clear Key exit routine

Here is the generated JCL to create the Encryption/Decryption routine link edit. The two ICSF CSNBnnn routines are included and the resulting executable module is placed into the dataset DDS0027.ENCRYPT.LOADLIB, member DSECLEAR. Remember the DDS0027.ENCRYPT.LOADLIB must be in the IMS region’s STEPLIB DD, or the module must be copied to an existing dataset in the STEPLIB DD.

Encryption program DSECLEAR to be ZAP’d
Encryption Key Label being ZAP’d into DSECLEAR

Here is the generated JCL to create the ZAP onto the Encryption/Decryption routine. Our Key Label is previously defined and resides in our ICSF dataset. This defined label is ZAP’d onto the routine, providing the encryption key to be used.

Now let’s try a combination Compression and Encryption implementation.
The Compression and the Encryption routine must be available.

Here is the input to create the Link edit job for the combination module. The Driver module will be called DSEEXIT. It will include a Compression/Decompression routine named DSECOMP. It will include an Encryption/Decryption routine called DSECRYPT. Both of these modules must already exist in the named datasets.

The first step of the Link edit job creates the IMS Driver module name in the target load dataset (SYSLMOD).
The second step of the Link edit job includes the named Compression routine and the named Encryption routine to create the composite module named DSEEXIT in the target load dataset.

Screenshot labels: Available Compression routine; Available Encryption routine; New Driver module to invoke Compression & Encryption
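The IMS Encryption/Decryption Flow slides above describe an exit that receives a segment from IMS, resolves a key label through ICSF and hands back ciphertext, and the walkthrough just described a driver module (DSEEXIT) that chains a compression routine and an encryption routine. The following Go program is an added example written for this page to show that shape end to end; it is not Guardium or ICSF code. Its assumptions: an in-memory map stands in for the CKDS lookup that ICSF performs for a key label (the labels and key bytes are invented), AES-GCM is this example's choice of mode (the slides do not state the product's mode), and compress/flate stands in for the site's compression routine. Function names such as encryptSegment, decryptSegment and driverStore are this example's own.

```go
package main

import (
	"bytes"
	"compress/flate"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
	"io"
)

// Constructed stand-in for the CKDS: key label -> data-encrypting key.
// In the real product the exit carries only the label (ZAP'd into the module)
// and ICSF resolves it; the key bytes never appear in the exit itself.
// Labels and key values here are invented for the example.
var keyStore = map[string][]byte{
	"IMS.CUSTOMER.AES128": []byte("0123456789abcdef"),                 // 16-byte AES-128 key
	"IMS.CUSTOMER.AES256": []byte("0123456789abcdef0123456789abcdef"), // 32-byte AES-256 key
}

// lookupKey plays the role of ICSF resolving a key label to a usable key.
func lookupKey(label string) (cipher.AEAD, error) {
	key, ok := keyStore[label]
	if !ok {
		return nil, fmt.Errorf("key label %q not found in key store", label)
	}
	block, err := aes.NewCipher(key) // accepts only 16, 24 or 32-byte keys
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// encryptSegment is the "encryption exit": it receives the clear segment and the
// key label and returns the ciphertext that IMS will store in the database.
func encryptSegment(label string, segment []byte) ([]byte, error) {
	gcm, err := lookupKey(label)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	// Stored layout: nonce || ciphertext || authentication tag.
	return gcm.Seal(nonce, nonce, segment, nil), nil
}

// decryptSegment is the decryption path of the same exit: IMS hands it the stored
// bytes, it resolves the label and returns the clear segment to IMS.
func decryptSegment(label string, stored []byte) ([]byte, error) {
	gcm, err := lookupKey(label)
	if err != nil {
		return nil, err
	}
	if len(stored) < gcm.NonceSize() {
		return nil, errors.New("stored segment too short to contain a nonce")
	}
	nonce, ct := stored[:gcm.NonceSize()], stored[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, nil) // fails if the stored bytes were altered
}

// compressSegment stands in for the site's compression routine (DSECOMP in the walkthrough).
func compressSegment(segment []byte) ([]byte, error) {
	var buf bytes.Buffer
	w, err := flate.NewWriter(&buf, flate.BestCompression)
	if err != nil {
		return nil, err
	}
	if _, err := w.Write(segment); err != nil {
		return nil, err
	}
	if err := w.Close(); err != nil {
		return nil, err
	}
	return buf.Bytes(), nil
}

// decompressSegment is the matching decompression path.
func decompressSegment(data []byte) ([]byte, error) {
	r := flate.NewReader(bytes.NewReader(data))
	defer r.Close()
	return io.ReadAll(r)
}

// driverStore models the composite driver module (DSEEXIT): compression routine
// first, then the encryption exit. Ciphertext does not compress, so this is the only useful order.
func driverStore(label string, segment []byte) ([]byte, error) {
	packed, err := compressSegment(segment)
	if err != nil {
		return nil, err
	}
	return encryptSegment(label, packed)
}

// driverRetrieve reverses the driver on the GET path: decrypt, then decompress.
func driverRetrieve(label string, stored []byte) ([]byte, error) {
	packed, err := decryptSegment(label, stored)
	if err != nil {
		return nil, err
	}
	return decompressSegment(packed)
}

func main() {
	segment := []byte("ROOTKEY001 SAMPLE CUSTOMER RECORD 0000000000000000") // constructed segment
	stored, err := driverStore("IMS.CUSTOMER.AES128", segment)
	if err != nil {
		panic(err)
	}
	fmt.Println("stored :", hex.EncodeToString(stored))
	back, err := driverRetrieve("IMS.CUSTOMER.AES128", stored)
	fmt.Println("back   :", string(back), err)
}
```

Two properties worth noting for review: the exit never sees a key, only a label (so rotating a key is a CKDS change, not a code change), and the GCM tag makes a modified or wrong-key segment fail on retrieval instead of returning garbage to the application.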


InfoSphere Guardium Data Encryption for DB2 and IMS Databases

IMS DBD update

COMPRTN= is added
The value DATA encrypts only the segment data
This value may be entered as KEY to encrypt any segment field

Generate the DBD and the ACB(s)

       DBD     NAME=F2O1P4,ACCESS=(HDAM,OSAM),RMNAME=(DFSHDC40,10,100)
DSG001 DATASET DD1=F2O1P41,DEVICE=3380,SIZE=(8192),SCAN=1
*
       SEGM    NAME=ROOT,BYTES=20,PTR=(TB),
               PARENT=0,COMPRTN=(DSEEXIT,DATA,INIT)
       FIELD   NAME=(ROOTKEY,SEQ,U),BYTES=10,START=1,TYPE=C
       FIELD   NAME=ROOTFLD1,BYTES=1,START=4,TYPE=C
       FIELD   NAME=ROOTFLD2,BYTES=1,START=5,TYPE=C


Clear IMS data


Encrypted IMS data (screenshot)

InfoSphere Guardium Data Encryption for DB2 and IMS Databases

IMS Database segment level Encryption
• Application Transparent
• Acceptable overhead when accessing the database segment
• No Additional Security
• The Database must be Unloaded and Loaded to implement encryption
• Indexes may be encrypted

Defense in Depth of DB2, IMS, and VSAM Data

• First Layer - Encryption (this forces the only access to clear text data to be in the form of an SQL or DLI statement) – IBM InfoSphere Guardium Encryption Tool for DB2 and IMS Databases
• Second Layer - Database Activity Monitoring (this ensures each DLI statement is inspected, audited, and subject to security policy control) – Guardium Database Activity Monitoring
• Third Layer - Audit access to VSAM linear datasets – Guardium Datasets Activity Monitoring
• Fourth Layer - Implement business need to know control for critical data (this reduces abuse of privileged access) – DB2 10 Row masking and Column filtering; OPTIM On-Demand Masking
• Fifth Layer - Protect the use of unloads and extracts for the purpose of:
  o Test data management and generation – Optim TDM / Data Privacy
  o Unloaded data for batch processes – IBM Encryption Facility for z/OS
  o Extracts for external uses – IBM Encryption Facility for z/OS
  o Replicated data – IBM InfoSphere Guardium Data Encryption
  o Backup and Recovery assets

Thank you (Gracias, Merci, Grazie, Obrigado, Danke, Tack, Dziękuję)

References

TechDocs - http://www-03.ibm.com/support/techdocs/atsmastr.nsf/Web/TechDocs
• FQ123875 - Where do I find Performance numbers for z/OS Communications Server and for comparisons of network performance with and without security
• TC000087 - System SSL and Crypto on System z
• WP100810 - A Synopsis of System z Crypto Hardware
• PRS4660 - ICSF (HCR7780) and Crypto on zEnterprise Update
• WP101240 - IBM z10 DES Cryptographic Hardware Performance Versus z/OS Software DES
• PRS2680 - DRIVICSF - ICSF Stress Test and Reporting Tool for z/OS zSeries
• WP100647 - A Clear Key / Secure Key / Protected Key Primer

IBM Redbooks

Data Encryption for IMS - Reference Materials
• SC18-9549 IBM Data Encryption Tool for IMS and DB2 Databases User Guide
  o Includes an appendix on activating crypto on your hardware
• ICSF Manuals
  o SA22-7520 ICSF System Programmer’s Guide
  o SA22-7521 ICSF Administrator’s Guide
• Redbooks
  o DB2 UDB for z/OS Version 8 Performance Topics – SG24-6465
• Articles
  o IMS Newsletter article: “Encrypt your IMS and DB2 data on z/OS” - ftp://ftp.software.ibm.com/software/data/ims/shelf/quarterly/fall2005.pdf

Reminder: Next InfoSphere Guardium Tech Talk

Links to more information about this and upcoming tech talks can be found on the InfoSphere Guardium developerWorks community: http://ibm.co/Wh9x0o
Please submit a comment on this page for ideas for tech talk topics.

Next tech talk: Checking in on Guardium Recent Enhancements
Speaker: Luis Casco-Arias, Product Manager
Date/time: Tuesday, March 24th, 2015 at 8:30 AM PACIFIC
Register here! https://ibm.biz/BdEkRJ