ata encryption for databases; understanding the crypto hardware
TRANSCRIPT
IBM ^ zSeries Technical Training
© 2006 IBM CorporationIBM Advanced Technical Support
Data Encryption for Databases : Understanding the Crypto Hardware Support
Marilyn Allmond
zSeries Sales and Technical Education
© 2006 IBM Corporationz9XX Crypto | MarilynAllmond | Wahington Systems Center
The following are trademarks of the International Business Machines Corporation in the United States and/or other countries.
The following are trademarks or registered trademarks of other companies.
* Registered trademarks of IBM Corporation
* All other products may be trademarks or registered trademarks of their respective companies.
Linux is a registered trademark of Linus TorvaldsPenguin (Tux) compliments of Larry EwingJava and all Java-related trademarks and logos are trademarks of Sun Microsystems, Inc., in the United States and other countriesUNIX is a registered trademark of The Open Group in the United States and other countries.Microsoft, Windows and Windows NT are registered trademarks of Microsoft Corporation.SET and Secure Electronic Transaction are trademarks owned by SET Secure Electronic Transaction LLC.Intel, Intel Inside (logos), MMX and Pentium are trademarks of Intel Corporation in the United States, other countries, or both.
Notes : Performance is in Internal Throughput Rate (ITR) ratio based on measurements and projections using standard IBM benchmarks in a controlled environment. The actual throughput that any user will experience will vary depending upon considerations such as the amount of multiprogramming in the user's job stream, the I/O configuration, the storage configuration, and the workload processed. Therefore, no assurance can be given that an individual user will achieve throughput improvements equivalent to the performance ratios stated here. IBM hardware products are manufactured from new parts, or new and serviceable used parts. Regardless, our warranty terms apply.All customer examples cited or described in this presentation are presented as illustrations of the manner in which some customers have used IBM products and the results they may have achieved. Actual environmental costs and performance characteristics will vary depending on individual customer configurations and conditions.This publication was produced in the United States. IBM may not offer the products, services or features discussed in this document in other countries, and the information may be subject to change without notice. Consult your local IBM business contact for information on the product or services available in your area.All statements regarding IBM's future direction and intent are subject to change or withdrawal without notice, and represent goals and objectives only.Information about non-IBM products is obtained from the manufacturers of those products or their published announcements. IBM has not tested those products and cannot confirm the performance, compatibility, or any other claims related to non-IBM products. Questions on the capabilities of non-IBM products should be addressed to the suppliers of those products.
Prices subject to change without notice. Contact your IBM representative or Business Partner for the most current pricing in your geography.
Trademarks
AIX*AIX/ESA*C/MVSC/370CICS*CICS/ESA*CICS/MVS*COBOL/370
Database 2DB2*DB2 ConnectdeveloperWorks*DFSMS/MVS*DFSMSdfpDFSMSdssDFSMShsm
e-business logo*e(logo)server*ESCONFICON*ibm.com*IBMLinkMQSeries*Multiprise*
MVSMVS/DFPMVS/ESAOS/2*OS/2 WARP*OS/390*Parallel Sysplex*Processor Resource/Systems ManagerPR/SMRACF*
Resource LinkRMFS/390*S/390 Parallel Enterprise ServerWebSphere*z/Architecturez/OS*z/VM*zSeries*
MasterCard is a registered trademark of MasterCard InternationalRSA BSAFE is a registered trademark of RSA Data SecurityRSA is a registered trademark of RSA Inc.Visa is a register trademark of Visa international
04/04/06 1-2 of 15
zSeries Sales and Technical Education
© 2006 IBM Corporationz9XX Crypto | MarilynAllmond | Wahington Systems Center
Discussion Topics
Drivers and Need Where basic understanding of industry (client) requirements can lead to more opportunity
Product History
Product Overviews
Product Setup
Things to Watch and Prepare (Educate the Client) for Success
Things that make Bumps in the Night
Product Requirements
Comments from Those Who Have Gone Before
zSeries Sales and Technical Education
© 2006 IBM Corporationz9XX Crypto | MarilynAllmond | Wahington Systems Center
Data Encryption Driven by Demand: Driven by Law
Health Insurance Portability and Accountability Act (HIPAA) of 1996CA's Pers Info Prot & Elec Doc ActGraham-Leach-Bliley Act of 1999 (GLBA)
Solutions targeting requirements driven bySarbanes-Oxley (SOX) UK's Data Protection ActSEC 17a-4 Privacy Act
Not perfect, any solution has challenges in this environmentPerformance overheadKey managementApplication changes
IBM Database solutions address part of the needTie with comprehensive understanding and very good consulting skills and knowledgeManagement acceptance of responsibility for risk and asset definition and balance Consulting opportunity lead that can be introduced during product sale and implementation cycle
Key maintenanceArchival requirements & issuesDisaster recovery issues
04/04/06 3-4 of 15
zSeries Sales and Technical Education
© 2006 IBM Corporationz9XX Crypto | MarilynAllmond | Wahington Systems Center
Is Only Encryption Needed
By examining the various regulatory legislation and industry mandates (not all that may be applicable are mentioned) certain cryptographic and/or other security mechanisms can be found. With those other mechanisms you can
Strengthen the case for one or more of the IBM database encryption solutionsDrive need for additional server processing Plant the seeds for future opportunities or the enhancement of the one being addressed
Where to find some of these documents?A quick Google search using the legislative name and overview usually provides a good list from which to select - further define by including org as a keyword
http://www.isaca.org/AMTemplate.cfm?Section=Sarbanes-Oxley2&Template=/ContentManagement /ContentDisplay.cfm&ContentID=11247http://www.ziplip.com/solutions/SARBOX.htmlhttp://www.deloitte.com/dtt/cda/doc/content/Sarbanes%20Oxley%20Act%202002.pdfhttp://techrepublic.com.com/5100-10878_11-5034345.html
zSeries Sales and Technical Education
© 2006 IBM Corporationz9XX Crypto | MarilynAllmond | Wahington Systems Center
Brief Look at the Some of the Legislative Requirements
Sarbanes-Oxley (SOX)requires internal controls on information to ensure completeness, correctness, and quick access
addresses the deliberate alteration or destruction of a record or document with the intent to obstruct an investigationrequires that strict records retention policies and procedures existdictates publicly traded companies must have policies and controls in place to secure, document, and process material information dealing with their financial results
Health Insurance Portability and Accountability Act (HIPPA) must guard “confidentiality, integrity & availability” of individual health data.To accomplish this, each provider is required to meet three conditions:
Must “assess potential risks and vulnerabilities to the individual health data in its possession” …Must …“develop, implement, and maintain appropriate security measures”
IntegrityAvailabilityConfidentiality
Must insure these measures are “documented and kept current”
04/04/06 5-6 of 15
zSeries Sales and Technical Education
© 2006 IBM Corporationz9XX Crypto | MarilynAllmond | Wahington Systems Center
Brief Look at the Some of the Legislative Requirements . . .
Graham-Leach-Bliley Act (GLBA)Both non-public and public information must be protected
insure the security and confidentiality of customer records and information; protect against any anticipated threats or hazards to the security or integrity of such records; and protect against unauthorized access to or use of such records or information which could result in substantial harm or inconvenience
Data should be encrypted in storage and in transit
European Union legislation addresses similar safeguards as HIPPA
Basel II addresses similar safeguards as GLBA
Summary : All Legal Directives include requirements to protect personal data against
accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access
zSeries Sales and Technical Education
© 2006 IBM Corporationz9XX Crypto | MarilynAllmond | Wahington Systems Center
Data Encryption History on IBM Mainframes for Databases
Application enablers allowed clients to code confidentiality into applications where needed
First wave includedProgrammed Cryptographic Facility (PCF)Customer Unit Support Program (CUSP) and its hardware, 3848IDCAMS REPRO
Second wave includedTransaction Security System family of productsICSF and ICRF (first versions of S/390 crypto hardware with ICSF)ICSF and CCF (second version of S/390 and zSeries crypto hardware)
Third wave included4758 PCI CoprocessorPCICC, PCICA (second version of S/390 and zSeries crypto hardware)
Fourth wave includes PCIXCC and Crypto Express2
04/04/06 7-8 of 15
zSeries Sales and Technical Education
© 2006 IBM Corporationz9XX Crypto | MarilynAllmond | Wahington Systems Center
IBM Data Encryption Solutions for Databases Beyond Application Enablers
Data Encryption for IMS and DB2 Databases First Edition
Offered as PRPQ, 5799-GWD
Announced December 2002
Implemented encryption via Segment Edit/Compression exit and EDITPROC exit, respectively (1 exit per database type)
Supported IMS V6 and DB2 V6 and later
Used secure key thus requiring secure crypto hardware
Data Encryption for IMS and DB2 Databases Second Edition
Offered as product, 5655-P03
Released as Version 1 Release 1 in the February 2003
same as above
Pub update done in March 2004, SC18-7336-01
zSeries Sales and Technical Education
© 2006 IBM Corporationz9XX Crypto | MarilynAllmond | Wahington Systems Center
IBM Data Encryption Solutions for Databases Beyond Application Enablers . . .
Data Encryption for IMS and DB2 Databases Third Edition
Offered as product, 5655-P03 FMID(H29F110)
Released as Version 1 Release 1 updated in the September 2004
same as above (2 exits per database type)
Uses secure key OR new clear key
DB2 Version 8
Offers data encryption through built-in functions
Allows column encryption rather than row encryption
Requires change to column definitions for targeted data
May encrypt data using 2 methodsDefining encryption at the column levelDefining encryption at the value level
Encryption key is referred to as PASSWORD in DB2 Admin Guide
04/04/06 9-10 of 15
zSeries Sales and Technical Education
© 2006 IBM Corporationz9XX Crypto | MarilynAllmond | Wahington Systems Center
Data Encryption for IMS and DB2 (Emphasis on DB2)
DB2 Databases Implemented via EDITPROC exit
DECENC00DECENA00
Specified in the EDITPROC clause of the SQL CREATE TABLE statement
IMS DatabasesImplemented via Segment/Compression exit
DECENC01DECENA01
Specified in the DBD COMPRTN parameter
The DECENC0n routines exploit secure key crypto via ICSF services, CSNBENC and CSNBDECThe DECENA0n routines exploit clear key crypto (CPACF)
DB2 uses the problem state instruction (KMC)IMS uses the ICSF APIs, CSNBSYE and CSNBSYD
secure key implemented
clear key implementedsecure key implemented
clear key implemented
zSeries Sales and Technical Education
© 2006 IBM Corporationz9XX Crypto | MarilynAllmond | Wahington Systems Center
Data Encryption for IMS and DB2 (Emphasis on DB2)
These exits must initially encrypt the database and Are used in future calls where an application processes a table or segment for which encryption or decryption has been specified.Data stays encrypted during channel I/O, when the DBMS gains control it invokes the exit to decrypt based on read processing or encrypt based on write processingISPF panel interface to assist in setting up JCL parameters for exit creation or use SAMPLIB JCL samplesThe JCL will link-edit the product-supplied exit into the user's exit library The JOB takes the encryption key indicated by label in the JCL and stores it in the exitOnce installed existing objects need to be unloaded, redefined, and reloaded
04/04/06 11-12 of 15
zSeries Sales and Technical Education
© 2006 IBM Corporationz9XX Crypto | MarilynAllmond | Wahington Systems Center
Data Encryption for IMS and DB2 (Emphasis on DB2)
Data Encryption for IMS and DB2 Databases Third EditionOffered as product, 5655-P03Released as Version 1 Release 1 updated in the September 2004same as above (2 exits per database type)Used secure key OR new clear key Encrypts at row level
DB2 Version 8Offers data encryption through built-in functionsAllows column encryption rather than row encryptionRequires change to column definitions for targeted dataMay encrypt data using 2 methods
Defining encryption at the column levelDefining encryption at the value level
Encryption key is referred to as PASSWORD in DB2 Admin Guide
zSeries Sales and Technical Education
© 2006 IBM Corporationz9XX Crypto | MarilynAllmond | Wahington Systems Center
General Limitations to Consider
Using encryption and the IBM crypto hardware requires knowledge of the relationships between the ICSF calls (software service requests) and the various types of crypto hardware
3 methods of requesting encryptionCSNBENC requires CCF or PCIXCC or Crypto Express2 configured as a coprocessor, ICSF active, & Master Keys loadedCSNBSYE requires CPACF which is only available on z990/890 and higher servers, ICSF active, & Master Keys loadedProblem state machine instruction where only the Key Record Read is the only ICSF API used requires CPACF
CSNBSYE and the problem state machine instruction references a different key than one that is referenced with CSNBENC
64 bytes of label padded with blanks + 8 bytes of key typeMust have unique key label
ICSF
DB2KEY.....DATA
DB2KEY.....CLRDES
Secure
Clear CPACF
CCF, CEX2 PCIXCC
04/04/06 13-14 of 15
zSeries Sales and Technical Education
© 2006 IBM Corporationz9XX Crypto | MarilynAllmond | Wahington Systems Center
General Limitations to Consider . . .
Performance varies but is faster than software encryptionUsing CPACF with clear key functions is fastestUsing Secure key on CCF systems is faster than on PCIXCC and CEX2 systems
Storage time for database backups and impact of key lifeICSF is a single address space shared by other users on z/OSWhen using multiple keys for different tables/segments the DBA or data owners need to ensure the longevity of keys associated with backup data and/or create a process to change keysCannot encrypt DB2 indexes so may need to change table structuresUsing encryption means managing data in 8 bytes or multiple of 8 so tables may need to expandUse of compression will be impacted
DB2 compression is done after encryption which has no benefitIMS can only do compression OR encryption not both
zSeries Sales and Technical Education
© 2006 IBM Corporationz9XX Crypto | MarilynAllmond | Wahington Systems Center
General Limitations to Consider . . .
Only one exit of either database can be associated with a segment or table at one time, if any exit exists alternative code will be required
What cannot be encryptedIMS: HIDAM index databases DB2: Indexes Tables with ROWIDs or LOBs
These exits must have APF authorization ICSF settings can influence performance (CHECKAUTH, KEYAUTH)
If CKDS is initialized on z990/890 or z9 and the DR processor is an earlier processor, the CKDS will not work
IMS: a different encryption key may exist for different segments, each segment will have its own exit association
DB2: only 1 key may exist
04/04/06 15-16 of 15
zSeries Sales and Technical Education
© 2006 IBM Corporationz9XX Crypto | MarilynAllmond | Wahington Systems Center
Server Type
IMS Tool Exit Name
DB2 Tool Exit Name
Crypto HW Reqd SW Reqd Special
PTFs
S/390 DECENC01 DECENC00 CCF
IMS V6 or laterDB2 UDB Server for OS/390 V6 or laterICSF
zSeries z900/800 DECENC01 DECENC00 CCF
IMS V6 or laterDB2 UDB Server for OS/390 V6 or laterICSF
zSeries z990/890
DECENC01DECENA01
DECENC00DECENA00
PCIXCC (0868) or
CEX2
CPACF (3863)
IMS V6 or later
DB2 UDB Server for OS/390 V6 or laterICSF HCR770A/0B/20/30
UK00049
UA156__ 77/78/79
zSeries z9
DECENC01DECENA01
DECENC00DECENA00
PCIXCC (0868) or
CEX2
CPACF(3863)
IMS V6 or later
DB2 UDB Server for OS/390 V6 or laterICSF HCR770A/0B/20/30
UK00049
UA156__ 77/78/79
IBM Data Encryption Tool: HW & SW Assurance Chart
zSeries Sales and Technical Education
© 2006 IBM Corporationz9XX Crypto | MarilynAllmond | Wahington Systems Center
Server Type
IMS Tool Exit Name
DB2 Tool Exit Name
Crypto HW Reqd SW Reqd Special
PTFs
zSeries z900/800 and earlier
DECENC01 DECENC00 CCF
IMS V6 or laterDB2 UDB Server for OS/390 V6 or laterICSF
zSeries z990/890 and z9
DECENC01DECENA01
DECENC00DECENA00
PCIXCC (0868) or
CEX2
CPACF (3863)
IMS V6 or later
DB2 UDB Server for OS/390 V6 or laterICSF HCR770A/0B/20/30
UK00049
UA156__ 77/78/79
IBM Data Encryption Tool: Usage Assurance
Address DR implicationsMachine type impact (CPACF or secure key)Key availability (CKDS key storage and CKDS accessibility)Naming convention for key labels Storage and archiving requirementsAccountability issuesPerformance
04/04/06 17-18 of 15
zSeries Sales and Technical Education
© 2006 IBM Corporationz9XX Crypto | MarilynAllmond | Wahington Systems Center
IBM Data Encryption for IMS and DB2
DocumentationIBM Data Encryption for IMS and DB2 Databases User ’s Guide
V1R1, SC18-7336-02
For enciphered data to be processed else where the other machine must have crypto capability and access to same key value as used to encrypt that data
Tested in DB2 and IMS environments ensure compatibility with all interfaces
zSeries Sales and Technical Education
© 2006 IBM Corporationz9XX Crypto | MarilynAllmond | Wahington Systems Center
IMS Exit Processing
IMS EncryptionProgram passes a segment REPL, ISRT, or LOAD request to IMS control regionIMS determines, using the DBD, that a Segment Edit/Compression exit is required IMS loads and calls the exit, passing it the unencrypted segment Exit invokes ICSF services IMS puts the encrypted segment into the database
IMS DecryptionIMS application program passes segment GET request to the IMS control region IMS determines, from the DBD, that a Segment Edit/Compression exit is required IMS loads and calls the exit, passing it the encrypted segment Exit invokes ICSF services IMS passes the decrypted segment back to the application
04/04/06 19-20 of 15
zSeries Sales and Technical Education
© 2006 IBM Corporationz9XX Crypto | MarilynAllmond | Wahington Systems Center
DB2 Exit Processing
DB2 EncryptionDB2 application program passes a row to DB2.DB2 determines, by presence of EDITPROC on the table, exit is required DB2 loads and calls the exit, passing it the unencrypted row Exit invokes ICSF services DB2 puts the encrypted row into the table
DB2 DecryptionDB2 application program requests data from DB2 DB2 determines, by presence of EDITPROC on the table, exit is required DB2 loads and calls the exit, passing it the unencrypted row Exit invokes ICSF services DB2 passes the decrypted row back to the application
zSeries Sales and Technical Education
© 2006 IBM Corporationz9XX Crypto | MarilynAllmond | Wahington Systems Center
Prerequisites for Use
Required Crypto hardware must be activated CCF and PCIXCC
Configuration loadedLPAR associations must be madeMaster Keys must be loaded
CPACF must be enabled via Feature Code 3863
Required SoftwareIMS Version 6 or higher, and/or DB2 for OS/390 Version 6 or higherICSF must be activated
Base element of z/OS and OS/390Key(s) to be used for data protection must be defined
Security issue!!Do not look for step-by-step directionsShould understand this process in order to explain decisions to auditorsShould understand crypto concepts and IBM Crypto
04/04/06 21-22 of 15
zSeries Sales and Technical Education
© 2006 IBM Corporationz9XX Crypto | MarilynAllmond | Wahington Systems Center
Generic Installation Steps for DE for IMS and DB2
Set up and validate crypto hardwareValidate? If from ICSF menu, Utility option for Random Number works, ICSF and secure crypto hardware works
Generate and then store (in the CKDS) a triple DES encryption key for use
Use ICSF Key Generation Utility Program, KGUPRead ICSF Administrator's Guide
Build the IMS or DB2 user exit, specifying the key name defined in step aboveBack up your data
Unload your data
Create/install the exit
Reload the data, during which process the data is encrypted Validate your output
zSeries Sales and Technical Education
© 2006 IBM Corporationz9XX Crypto | MarilynAllmond | Wahington Systems Center
Specific Exit Installation Notes
IMS Provides sample job DECIMSJB in PDS smphlq.SDECSAMP
DB2Provides sample job DECDB2JB in PDS smphlq.SDECSAMP
Generic to either database Replace the yyyyyyyyyy (at the end of the job) with encryption key label built by the security analyst Also, provides an alternate in the form of a panel interface to create the user exit
ex ’smphlq.SDECCEXE(DECENC04)’’smphlq ’
For a more user-friendly key entry process allowing key knowledge separation use
PRS189 ICSF Key Part Entry Sample Application for ISPF Panels from www.ibm.com/support/techdocs
04/04/06 23-24 of 15
zSeries Sales and Technical Education
© 2006 IBM Corporationz9XX Crypto | MarilynAllmond | Wahington Systems Center
Brief Highlight of Crypto in DB2 V8
Provides encryption at column and cell or value level
Provides basic keywords to control the encrypt/decrypt processENCRYPT to encrypt dataDECRYPT_BIT
SET ENCRYPTION PASSWORD statement allows the entry of a password and a hint
Password is used to create keyPassword or key is stored in DB2 along with hint if providedUse SELECT GETHINT statement to recover hint
DB2 V8 requires a zSeries ProcessorDocumentation found in
DB2 V8 Administration Guide, SC18-7413-01, Chapter 9
DECRYPT_CHARDECRYPT_DB
zSeries Sales and Technical Education
© 2006 IBM Corporationz9XX Crypto | MarilynAllmond | Wahington Systems Center
Summary
Not an integrated solution but well tested and is the best aroundReplaces the EDITPROC code providing encryption that may have been obtained earlier and was 'AS IS' Requires no application changes
Data base changes may need to occurEnsure targeted data will be protected may need to rearrange dataAdjustments for data base product restrictions or considerations
Understanding IBM Crypto will be crucial to adhering to the regulations/requirements driving this solution
Weigh the options availableNot every segment or table needs to be encryptedEvaluate need for
Encryption/decryption in cross-platform and/or sysplex environmentsDisaster Recovery
04/04/06 25-26 of 15