HI, Again, Nothing to do with queries from PC (I am not going to do it).
The disks which are connected with fiber can access the disk from PC and another PC can access the PC with the fiber and security is not OK. I have another solution, I only enable special IP to access my PC Server. Yes, the protection is full. Nobody except ip1 and ip2 can access the PC Server. There is noway to broken to the PC Server data!!!. XIV support open systems only protocol and my PC Server can put data also in XIV storage and also in EMC (connected to PC) which will be connected to the PC with the MFNetDisk PC server. Maybe you miss my point, all the available storage which can be connected to PC are OK to PC Server!!! PC Server is protected the same as IBM, HDS and EMC! Thanks, Shai On 1/28/08, Itschak Mugzach <[EMAIL PROTECTED]> wrote: > > Hello Shai, > > I haven't read all this thread but let me clarify some things: > Regarding Accessing DB2 from PC, it is not a big deal. I know many > products > that done that and yours can be easily on of them. The issue of > identifying > your self to RACF is easy. RACF supports a one time password mechanism, > the > PASS TICKET". This is a published interface that you can code anywhere any > language (I know one in REXX). The pass ticket generator is based on the > USERID (that you have to associate with the requestor), a time and a known > key shared between your pass ticket generator & RACF. It can be common or > user specific. Now that the "RACF" problem has been solved, Let me deal > with > the "shared disk" idea of yours. > > I think that the main issue here is the need. Why should one put his > valued > data on an unsecured (for all reasons) PC? At the same time, z/OS offers > some secure ways of data sharing like NFS. The enterprise storage boxes > are > using raw (FBA) devices. This means that they already using cheap storage. > Part of them, like XIV are even stating that. From other hand, they > supplies > many ways to protect the data, not from a server point of view, as they > are > not "servers". They use zoning, physical port allocation, address ranging > protection and of course RAID-5 (or other RAID technology) that implement > striping. The APIs you are referring are not accessible by every end user, > are protected and can access only specific device types. BTW, I know other > solutions that captures mainframe I-O and use IP to pass it the other > machine. If you want some name, call me. > > Any way, you did a nice effort so far. > > > Itschak Mugzach, Director > SecuriTeam Software ltd. > Tel: +972 (522) 986404 > Skype: Securiteam-Software > Email: [EMAIL PROTECTED] > Gmail: [EMAIL PROTECTED] for large mails > > -----Original Message----- > From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On > Behalf > Of shai hess > Sent: Monday, January 28, 2008 8:33 PM > To: [email protected] > Subject: Re: DB2 queries without using MF. > > HI, > > I think that there is a lot of confusion here. > > We talk about two subjects, Query DB2 from PC and emulate 3390, mirroring > etc... > > > About DB2, OK there is no RACF in PC, without RACF the security is not OK. > > About my product MFNetDisk with data in PC, I see a lot of confusion. I am > RACF supporter as IBM, EMC, HDS disks are RACF supporter. > > Nobody from MF can access my data if RACF does not allowed it!!! RACF is > my > master, I will never do anything without RACF permission. > > Can you explain me what is wrong with data in PC and not in IBM, HDS, EMC > PCs inside their boxes? > By the way two of these companies allowed accessing the data from PC using > API, Why I can not do the same? > > Thanks, > Shai > > > On 1/28/08, Chase, John <[EMAIL PROTECTED]> wrote: > > > > > -----Original Message----- > > > From: IBM Mainframe Discussion List On Behalf Of Lars Poulsen > > > > > > Shai, > > > > > > Frankly, it seems that you do not understand the security issue, > > > which is driven by specific laws in the USA, including most famously > > > 1) HIPPA - Health Insurance Privacy Protection Act > > > > Not being in the "health industry", I hadn't heard of that one. But > > another important piece of "related" legislation with a very similar > > abbreviation is HIPAA, "Health Insurance Portability and > > Accountability Act", which affects "all of us" in the US (at minimum). > > > > -jc- > > > > ---------------------------------------------------------------------- > > For IBM-MAIN subscribe / signoff / archive access instructions, send > > email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO > > Search the archives at http://bama.ua.edu/archives/ibm-main.html > > > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, send email > to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the > archives at http://bama.ua.edu/archives/ibm-main.html > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO > Search the archives at http://bama.ua.edu/archives/ibm-main.html > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
