Encryption is good (if properly used), buzzwords are buzzwords.
Agreed!
-Original Message-
From: IBM Mainframe Discussion List On Behalf Of R.S.
Sent: Wednesday, April 3, 2019 10:46 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Pervasive encryption and batch temporary datasets
W dniu
W dniu 2019-04-02 o 14:59, Allan Staller pisze:
Let me try it this way.
Is df/SMS encryption a pre-requisite to the z/14 "PERVASIVE ENCRYPTION"?
DFSMS encryption is technical feature, which apply to selected kinds of
datasets.
Pervasive Encryption is a buzzword which means nothing special
Dilbert: Pointed Headed Boss
https://www.youtube.com/watch?v=r8QvcJR3-RU
In a message dated 4/2/2019 9:31:16 AM Central Standard Time,
kees.verno...@klm.com writes:
PHB: p
--
For IBM-MAIN subscribe / signoff / archive access
age-
> > From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On
> > Behalf Of Allan Staller
> > Sent: Tuesday, April 02, 2019 8:59 AM
> > To: IBM-MAIN@LISTSERV.UA.EDU
> > Subject: Re: Pervasive encryption and batch temporary datasets
> > Let me t
temporary datasets
PHB: poly-beta-hydroxybutyrate?
Kees.
> -Original Message-
> From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On
> Behalf Of Richards, Robert B.
> Sent: 02 April, 2019 15:18
> To: IBM-MAIN@LISTSERV.UA.EDU
> Subject: Re: Pervasive en
t [mailto:IBM-MAIN@LISTSERV.UA.EDU] On
> Behalf Of Allan Staller
> Sent: Tuesday, April 02, 2019 8:59 AM
> To: IBM-MAIN@LISTSERV.UA.EDU
> Subject: Re: Pervasive encryption and batch temporary datasets
>
> Let me try it this way.
>
> Is df/SMS encryption a pre-requisite to th
2019 8:59 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Pervasive encryption and batch temporary datasets
Let me try it this way.
Is df/SMS encryption a pre-requisite to the z/14 "PERVASIVE ENCRYPTION"?
Thanks for all you time and effort,
-Original Message-
From: IBM Mainfr
ERV.UA.EDU
Subject: Re: Pervasive encryption and batch temporary datasets
Allan Staller wrote:
>My understanding is that this was a "hardware" feature and did not
>depend on DFSMS (except as possible an on/off switch).
>In you post you refer to PERVASIVE ENCRYPTION (z/14?) vs
; From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On
> Behalf Of Paul Gilmartin
> Sent: 01 April, 2019 19:41
> To: IBM-MAIN@LISTSERV.UA.EDU
> Subject: Re: Pervasive encryption and batch temporary datasets
>
> On Mon, 1 Apr 2019 14:48:55 +080
Allan Staller wrote:
>My understanding is that this was a "hardware" feature and did not
>depend on DFSMS (except as possible an on/off switch).
>In you post you refer to PERVASIVE ENCRYPTION (z/14?) vs pervasive
>encryption (df/SMS). Can you comment on the prior posts requiring
>DF/SMS extended
Well the process was in place well before I ever joined. I am not aware of
the history of the strategy except to protect disks in the SAN. I had never
considered somebody actually walking in and taking both the SAN disks and
the SKLM servers also! That would be a breach. That being said, should
On Mon, 1 Apr 2019 14:48:55 +0800, Timothy Sipples wrote:
>...
>Encrypted zFS is already available in z/OS 2.3. Please refer to APAR
>OA54005 and to Marna Walle's presentation ("The Latest in z/OS UNIX and
>zFS") for some more information.
>
Thanks.
>... Kees clarified the
>situation well: it
We do it precisely for that reason. With old spinny drives, when one requires
replacing, we used to have to have arrangements with vendors to keep the
removed drives for shredding. With solid state storage, such an arrangement
would be prohibitively expensive, but if its encrypted its no
ehalf Of
Timothy Sipples
Sent: Sunday, March 31, 2019 9:32 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Pervasive encryption and batch temporary datasets
Allan Staller wrote:
>(z13?) or z14 processor. Pervasive encryption handled by hardware
Matthew Donald wrote:
>No, only in the se
Paul Gilmartin wrote:
>zFS?
Encrypted zFS is already available in z/OS 2.3. Please refer to APAR
OA54005 and to Marna Walle's presentation ("The Latest in z/OS UNIX and
zFS") for some more information.
By the way, thanks to Kees for reading the original question more carefully
than I did. I
On Mon, 1 Apr 2019 10:43:53 +0800, Timothy Sipples wrote:
>...
>Not yet. However, in IBM's recent preview announcement of z/OS 2.4, IBM
>said there are plans to add at least two data set types to z/OS 2.4's Data
>Set Encryption: JES2-managed data sets on SPOOL, and PDSE.
>
zFS?
-- gil
Mark Jacobs wrote:
>As far as I remember, Spool Datasets can't be defined as extended format,
>only largeds. Since pervasive encryption is only for extended format
>datasets, then I believe the answer is no, JES2 Spool datasets can't be
>encrypted.
Not yet. However, in IBM's recent preview
Allan Staller wrote:
>(z13?) or z14 processor. Pervasive encryption handled by hardware
Matthew Donald wrote:
>No, only in the sense that dfsms requires a CEX?S card to be installed.
>Pervasive encryption is supported on z114/196 with a CEX3S or later. The
>encryption is performed by sms, which
On 3/31/2019 6:44 PM, Phil Smith III wrote:
Correct. You're also not really providing any protection beyond the case of
someone walking into the data center and pulling a
drive. Any compromise of any kind on the system is going to get cleartext, so
the encryption won't help at all.
If
Laurence Chiu wrote:
>We encrypt all our host data without worrying about z/OS by using SKLM on
>our DS8K SAN.
>I'm told this means all data that the host can access is encrypted at rest
>and is transparent to the host.
Correct. You're also not really providing any protection beyond the
We encrypt all our host data without worrying about z/OS by using SKLM on
our DS8K SAN.
I'm told this means all data that the host can access is encrypted at rest
and is transparent to the host.
On Mon, Apr 1, 2019, 3:56 AM Steve Beaver wrote:
> I think someone is going way overboard
>
> Sent
ct: Re: Pervasive encryption and batch temporary datasets
As far as I remember, Spool Datasets can't be defined as extended format, only
largeds. Since pervasive encryption is only for extended format datasets, then
I believe the answer is no, JES2 Spool datasets can't be encrypted.
Mark Jacobs
Sen
I think someone is going way overboard
Sent from my iPhone
Sorry for the finger checks
> On Mar 31, 2019, at 09:50, Phil Smith III wrote:
>
> Matthew Donald wrote:
>
>> I'm looking into pervasive encryption and I have a question about batch
>
>> temp files that I have been unable by
Matthew Donald wrote:
> I'm looking into pervasive encryption and I have a question about batch
> temp files that I have been unable by googling.
>
> In order to have SMS encrypt a dataset, the dataset must be in extended
> format, which I believe is specified in the dataclass. My question
W dniu 2019-03-31 o 03:30, Mark Jacobs pisze:
As far as I remember, Spool Datasets can't be defined as extended format, only
largeds. Since pervasive encryption is only for extended format datasets, then
I believe the answer is no, JES2 Spool datasets can't be encrypted.
Yes, however...
ve encryption handled by hardware.
> > -Original Message-
> > From: IBM Mainframe Discussion List IBM-MAIN@LISTSERV.UA.EDU On Behalf
> > Of Matthew Donald
> > Sent: Wednesday, March 27, 2019 9:37 PM
> > To: IBM-MAIN@LISTSERV.UA.EDU
> > Subject: Pervasive
dled by hardware.
>>
>> -Original Message-
>> From: IBM Mainframe Discussion List On Behalf
>> Of Matthew Donald
>> Sent: Wednesday, March 27, 2019 9:37 PM
>> To: IBM-MAIN@LISTSERV.UA.EDU
>> Subject: Pervasive encryption and batch temporary datasets
>>
sive encryption handled by hardware.
>
> -Original Message-
> From: IBM Mainframe Discussion List On Behalf
> Of Matthew Donald
> Sent: Wednesday, March 27, 2019 9:37 PM
> To: IBM-MAIN@LISTSERV.UA.EDU
> Subject: Pervasive encryption and batch temporary datasets
>
>
(z13?) or z14 processor. Pervasive encryption handled by hardware.
-Original Message-
From: IBM Mainframe Discussion List On Behalf Of
Matthew Donald
Sent: Wednesday, March 27, 2019 9:37 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Pervasive encryption and batch temporary datasets
I'm
es
> Sent: 28 March, 2019 8:29
> To: IBM-MAIN@LISTSERV.UA.EDU
> Subject: Re: Pervasive encryption and batch temporary datasets
>
> Matthew Donald wrote:
> >My question is: do batch temporary datasets support extended
> >format? Can they be encrypted using p
Matthew Donald wrote:
>My question is: do batch temporary datasets support extended
>format? Can they be encrypted using pervasiv encryption?
Yes and yes.
Timothy Sipples
IT Architect
I'm looking into pervasive encryption and I have a question about batch
temp files that I have been unable by googling.
In order to have SMS encrypt a dataset, the dataset must be in extended
format, which I believe is specified in the dataclass. My question is: do
batch temporary datasets
32 matches
Mail list logo