Guia de seguretat de l'IBM i (l'antic OS/400)
Guia de seguretat de l'IBM i
El sistema operatiu IBM i és el nom actual del successor de l'antic i5/OS i de l'OS/400, el sistema operatiu utilitzat als ordinadors de la sèrie AS/400 i, posteriorment els servidors de les sèries System p i System i. Jo no he treballat mai amb ells, excepte en determinats projectes molt específics així com en alguna auditoria de seguretat. També vaig tenir alguna relació amb el tallafocs que incorpora 
He trobat la recent publicació d'un redbook que tracta sobre la configuració de seguretat d'aquest sistema operatiu: Security Guide for IBM i V6.1. Dóna la sensació de ser un entorn força complet i potent…
The IBM® i operation system (formerly IBM i5/OS®) is considered one of the most secure systems in the industry. From the beginning, security was designed as an integral part of the system. The System i® platform provides a rich set of security features and services that pertain to the goals of authentication, authorization, integrity, confidentiality, and auditing. However, if an IBM Client does not know that a service, such as a virtual private network (VPN) or hardware cryptographic support, exists on the system, it will not use it.
In addition, there are more and more security auditors and consultants who are in charge of implementing corporate security policies in an organization. In many cases, they are not familiar with the IBM i operating system, but must understand the security services that are available.
This IBM Redbooks® publication guides you through the broad range of native security features that are available within IBM i Version and release level 6.1. This book is intended for security auditors and consultants, IBM System Specialists, Business Partners, and clients to help you answer first-level questions concerning the security features that are available under IBM.
The focus in this publication is the integration of IBM 6.1 enhancements into the range of security facilities available within IBM i up through Version release level 6.1. IBM i 6.1 security enhancements include:
– Extended IBM i password rules and closer affinity between normal user IBM i operating system user profiles and IBM service tools user profiles
– Encrypted disk data within a user Auxiliary Storage Pool (ASP)
– Tape data save and restore encryption under control of the Backup Recovery and Media Services for i5/OS (BRMS) product, 5761-BR1
– Networking security enhancements including additional control of Secure Sockets Layer (SSL) encryption rules and greatly expanded IP intrusion detection protection and actions.DB2® for i5/OS built-in column encryption expanded to include support of the Advanced Encryption Standard (AES) encryption algorithm to the already available Rivest Cipher 2 (RC2) and Triple DES (Data Encryption Standard) (TDES) encryption algorithms.
