I am from JSS Academy of Technical Education Noida.(Engineering Institute)
My team was one among Top 20 teams selected for TGMC ( 2007-2008).
We were called at Mumbai for felicitation and round of interviews.
Post GD/PI top 9 students were selected for recruitment.
During same year IBM started hiring Fresher as Vitality Hires ,a program run by Nipun Mehrotra(V.P ,G.B ,Geo Expansion & Route to Market) .
After a year ahead I moved to SWG Group as Tivoli Seller for North and currently pursuing the same role.
So,in nutshell all my success in last 3 years goes to TGMC,else fresher like me would never have been part of Sales force of IBM ,
Here are few details of my journey in TGMC!!
Name of the Contest: TGMC 07 (The Great Minds Challenge)
Date and Venue of the Interview held: 20th March 2008, Mumbai
Name of the Institute: JSS Academy of Technical Education, Noida
Team Name: GFORCE
Project: RADAR (Real-time Allocation De-Allocation of Resources)
Candidates: Jolly Ahuja & Ankit Ruia (team member) .
In nutshell "JUST FOLLOW YOUR DREAMS ,SUCCESS WILL AUTOMATICALLY FOLLOW YOU".
Jaskiran Bhatia has been in SWG ever since the Cognos acquisition in 2008. She was leading IM in Tech Sales and has recently moved to lead the Brand. In this short interview, she tells us about her passion for technology and which of the 2 roles she enjoyed more. With a young daughter, her take is...it only takes to prioritize to be successful in whatever you do.
1) You have been in technology for most part of your
career. What about it makes you tick ?
I have been a Technologist all my work life. Solving complex
algebraic equations used to excite me as a child and even now complex business
problems that can be made so simple
through technology is what drives me
...keeps me happy. For me it’s something that keeps me going and is not just a
2) You recently moved from tech sales to sales. How has that change been in
terms of the role and its challenges?
All job roles (support or line) exist to achieve
business objectives and while every member of the team has to understand their respective roles and how it
impacts the overall goals it is
equally important to acknowledge and appreciate
the role of other team members. While in a support role many a times I missed
the complete picture and didn't understand the apprehension
that a seller may
have, this transition has helped me bridge the gap. I have been able to align
the entire IM team to the brand objective and give them a sense of common goal.
There are challenges and that’s what makes work fun. I
love what I do, so its not just a job for me.
3) which of the roles did you prefer and why?
I have been a hands-on techie all along. I never thought
that I'll ever do sales but trust me, last 6 months have been most rewarding with
a steep learning curve. In a sales role the end results
are beyond us, the
uncertainty is much higher but then so is the excitement.
I have enjoyed the earlier role as much as I do the current.
4) You have led a team with many women. Any advice to
women who wish to make a career in technology?
I would want to tell any / all women who are really
serious about careers that marriage, motherhood can’t slow them down..... all
that's required is to think and prioritize....
we might have to juggle , accept
and acknowledge facts and be prepared to make choices, ask for help and give in
/ lie low when required ....
5) In your current leadership role as Brand leader of
IM - how do you balance your personal and professional demands?
For me only two things matter, my child and my
work.....nothing else is important and hence can wait. My weekdays and even
weekends are planned to meet both sets of
commitments without any compromise on
these two, any thing else doesn't matter.
3 most important things:
- 1. Prioritize - Chose what's important when and learn
to say No
- 2. Lead a disciplined life - I follow a very strict
timetable that allows me to have more hours in a day...
- 3. Nurture a strong support system - I do have a
support system that I have consciously built and take special care to maintain
This is Harika, a pre-final student from Information Technology, Vishnu Institute
of Technology (VIT), Andhrapradesh .Like all people, I too have a lot of enthusiasm
at learning new trends in technology, and is more interested to be aware of everything.
Recently, in the month of February we went to a country
level technical symposium conducted in SVECW, Andhrapradesh. There, I along
with my co-partner Santhoshi Swapna gave a paper presentation on the topic “HADOOP”.
Hadoop is a flexible
infrastructure for large scale computation and data processing on a network of
commodity hardware. The
industry is trending towards distributed systems, and Hadoop is a major player.
Luckily, we are recognized by Chief guest, Mr. Lawrence
Mohanraj , Regional Manager, South-west .He asked us to send abstract to
him. We submitted a research paper on Hadoop. He encouraged us to do research
and analysis on this particular topic.
such an encouragement, even a novice can anticipate amendment in the latest
technologies. We came to know that IBM is using the Hadoop tool. An also “The
Forrester Research Company” appreciated IBM Company for using HADOOP Tool.
is vivid that IBM is encouraging the students to explore their knowledge. We
are the best example.
am thankful to IBM Academic Initiative Mr. Lawrence Mohanrai, Regional Manager,
South-west and also to developerette for
supporting me in sharing my experience and gratitude.
I am Geetha, a final year graduate from computer science engineering, MLRIT, Andhra Pradesh.
I am girl student of more happy going and I believe in practical thesis rather on theory.
I as a tech student organize the educative events at my college. Last year I organized ZAVTRA2K11,
a national level technical fest, which was a huge success in the aspect of encouraging and leading
the students of engineering level to a new trend of technologies in the globe. The experience of
organizing the event made me to learn the aspects of being co-operative, making the best among
the choices, being patience to the vivid situations , working for late hours till 11pm in the college to
complete the tasks and more importantly following the leadership rules and qualities.
My voice on student role in present society in Hyderabad, to ABN Andhra Jyothi( a news channel),
had given me a confidence of speaking and communicating with officials. I was from then recognized
as a fire brand with good communication and voice of convincing.
And the great moments of my life had just took place in the month of February. I was selected as one
among the six students from INDIA, more precisely I am one among the two girl students to attend the
IBM-IDEA Innovation Workshop at Goa. I am glad to be a part of the event, and as a unique user of IDEA
among the students, and I was recognized and it helped me to be picked as one among the three students to
choose the best innovative idea to be developed by IBM-IDEA. I was appreciated for the best
performance at the event by
Mr.Tejasvi Bishnoi, Asst. Vice President, Information Technology(IDEA),
Mr.Deepak Rao, Asst. Vice President, Marketing(IDEA),
Mr. Sudhanshu Rawat, Project Executive & Vice President (IBM).
The delegates in the event asked us questions on IDEA in 3G network,how students are getting connected to 3G networks,
limit of student data packages, tarrifs and few more questions by the speaker Mr.Jaison, like
- Give an innnovative idea for $1000 to make IDEA grow
- Why IDEA and why only IDEA in 3G?
- Give ideas to reach students on 3G network
and few more.
My thought on GPS positioning Application on IDEA 3G mobile was an applauded answer along with query
solution application on Maps.
Later 3among the 6 six students were called to choose the innovative Ideas listed by the delegates.
I was one among the three and then was asked to vote for the best among the list of ideas
1. Customized bundled solution for women
2. Create an application mall
3. Communication bundled solution
As we the students were a bit in confusion,Mr.Jaison asked us to share $100 to each of the idea, in which the best
idea would be picked. I being a girl student know how much women are passionate towards their professional and
personal career and allotted more on the best idea of customized bundled solution for Women, which was later chosen
as the best idea to be implemented by the IBM-IDEA as an Innovative Idea.
I am very happy and delighted to be a part of the conference. I am very thankful to the IBM Academic Initiative and very precisely
I am thankful to IBM Academic Initiative,Mr. Lawrence Mohanraj , Regional Manager,South-west,Mr.Yuktesh,IT Specialisit-Andhra Pradesh
for giving me an opportunity to attend a great event.
While Portal offers interactive business capabilities vs. a static web site..there is also a need to provide social collaboration capabilities within the portal environment for an effective business. As with a business portal, users can interact with the enterprise, such as to obtain valuable information, assistance, or download documents... with a social portal they can ask questions, discuss various subjects, make suggestions/recommendations, find people in their network with similar interests and much more.
While IBM Connections brings in these social collaboraton capablities for any enterprise.. when integrated with portal helps develop a social portal solution. This integration is achieved by developing a set of portlets for various IBM Connections services such as profiles (Directory of colleagues you can use to build a network
and locate expertise), bookmarks (Social bookmarking tool that you can use to save,
organize, and share Internet and intranet bookmarks), blogs (Online journals you can use to deliver timely information
with a personal touch), activities (Collaboration tool for collecting, organizing, sharing,
and reusing work related to a project goal), wikis (Repository for sharing and collaborating on pages of interest
to your group) and forums (View and contribute to discussion topics). These portlets offer personalized social content to the user and allow read/write capabilities. They offer similar user experience as the native IBM Connections application. These portlets offer various configurations and customization capabilities to suit various customer requirements. Existing customers for Portal and Connections benefit with this solution and have the business portal to be social by bringing in social content from social repository like IBM Connections into portal.
Download these portlets from catalog
More information about these portlet is available on this wiki
Meet Dr Seema Verma, the associate professor and the pillar of strength at Banasthali University, Rajasthan. Dr Seema is the key driver of change and has lent her guidance to many new, interesting and developmental programs at Banasthali like the Gliding & Flying Club.She manages being a professor, an author, a wife,a mother and many more roles without any compromises!
Please read her take on a life well balanced in her interview with developerette.
Welcome Dr Seema and thank you for sharing your achievements and success formula with the students and professional women at developerette. Your initiatives, time management skills and keen interest in technology would certainly motivate every member of the group.
1. An introduction: Professional background, family and interests
Myself, Dr. Seema Verma, is working as Associate Professor in Electronics at Banasthali University. In addition, I am Accountable Manager in Banasthali Vidyapith Gliding & Flying Club. I did my Masters in Electronics from Banasthali in 1999 and then awarded with Doctoral Degree in Electronics in 2003. Currently, I am guiding couple of researchers in the areas of wireless sensor networks, security in cloud computing, Cryptography and VLSI design. I have authored 4 books and out of them, one has been published from Lap Lambert Publication, Germany. I have been into programme committees of various IEEE international conferences and m into editorial board of various Journals.
Family: I am from an educated family. My dad was District Engineer in BSNL and mom is currently Principal in Govt. Secondary School, Rajasthan. My husband is a Banker in SBI. I am proud mom of a very cute son, DAKSH who is 7 years old.
Interests: I am always interested in learning new things, technologies and always love challenges in life. I like reading and travelling a lot. I love meeting people.2. What made you choose a career in IT education? Can you explain how you guided your career to be where you are today?
From my school days, I started thinking of being a technocrate…well, I did my master in electronics and thought of doing research in technology. Later, when I became a research guide I took up the latest problem/challenge areas in technology and started doing research on them. Passion for learning was the driving fire behind where I am today.3. How have you balanced your professional and personal demands simultaneously?
I never mix my two aspects of life and I never go for one on the cost of other….well, it’s more of one’s passion for work and personal life which makes things smooth. 4. What are some of the challenges you face in your role and how do you deal with stressful days?
There is challenges everyday in every role a woman has. Well, when it comes to stress, the best way to get out of it is to spend time with young brains, i.e. my students…..I am having a unique asset in the form of my students….And after a long hectic schedules, I usually take a break and go for a break with my family, especially my son….as he is the best medicine I have for any stress I come across…..5. The girls in your college are aspiring women in technology. What is your advice to students to stay focussed?
I always nurture and encourage them to learn technology, participate and give maximum in the development in technology…..I ask them to just choose the goal first n then learn the ingredients and focus…that’s it…..
Fresh out of college, after years of studying the core subjects, each one of wish to create something new and exciting. Develop that code which is highly appreciated, solves the problems, is extremely efficient etc etc.
But not all of us get to develop the main source and even be a part of that development cycle in industry. So, should you be unhappy on the testing role offered? Absolutely not!
Testing is a very responsible job. No product goes into the market unless it is thoroughly tested and gets the approval of the tester that it is good to go. This role is not easy and can be very interesting. As a tester, you know the behaviour of the software more than the developer himself. You are the first client. Testing the real time scenarios, you are a bridge between the market and the development. Trust me, it is very exciting.
So, how should you go about testing?
Here are some tips on better testing:
1. Understand what is to be tested.
Know the software thoroughly. Go through the document given by the developer.
2. Ask for more.
Discuss with developer about the software's behaviour, its implementation etc. The more you involve in it, the more bugs you can find.
3. Plan your tests.
Write down the plan of the tests. This should list all the tests. Be sure to do negative testing. Often, software works in normal cases. But goes for a toss in negative conditions. Include real time scenarios, customer situations. Think like a customer.
4. Implement your tests.
Choose an efficient testing tool or language. Plan your implementation well. Remember, tests should be as efficient as the main code you are testing. This is the most interesting part. Here, you get to do automation around the software, learn new products. Can be innovative as well!!
5. Identify the bugs.
Writing tests is not all. You need to understand the erring cases, identify the defects. Get them fixed. Critical defects are highly appreciated, because you are catching them before the software goes in market. This actually saves alot!
6. Get the bugs fixed.
Let the developer fix the defect. Re-test the fixed code. Feel free to say NO, if you are not happy.
Testing is really a responsible job role. Be proud to say you assure the quality of the software to be delivered!
An Indian way to say Hello with dignity, respect and love to everyone.
This is my first post here at developerette and I am quite excited about it. I really hope that typing here is completely a unique experience and more exposure to learn more. So am here.. doing some shadow postings here & there as well as writing something unique here & there.
Hope to have a good learning experience here :)
I don't know from where shall i begin ,OK let me begin right from the day 1 ,Initially i got the mail stating "Present your ideas for the superstar idea contest",for the first few days i ignored the mail thinking that it would be a spam or bogus mail then i thought ,"OK,let me reply to this mail "and just sent my idea after proper registration in the mentioned website of IBM ,even after registration i did not have the belief that this is the real contest and i ll get a response for the registration .To my surprise after a couple of months i got many calls from the representatives of the company stating that "My idea submission has been accepted and i need to give the details of the project in the form of presentation and it should be like a real presentation for which of course i can send it thru mail within the stipulated date .i have been given ample of time for submitting my presentation because of which i was able to submit it .i never thought that the process of evaluation will be transparent and all the people who presented their ideas will be organised in to virtual groups in which they will be given opportunity to learn new technologies thru webinars and they can also share their opinion about various concepts .
After some months i again got a call from the team stating that my idea has been selected for the next round of evaluation for which i have to prepare the prototype and they even gave me the freedom of choosing the location and time for the prototype presentation to the panel of their executives .i opted chennai and went to the mentioned branch in chennai on time ,i got good hospitality from the team because of which i was able to do the prototype presentation in a satisfiable manner in spite of fever i had on that day. Unfortunately my idea was not selected for the final presentation but i am happy about the opportunity given to me and the time ,resources and technology the company spared for me .
IBM Developer Superstar contest 2011, Participant
We know that we can can develop a Web Service client on RAD using WSDL
definition. Then we can deploy the client application on WAS server and
send request to server application (running on WAS or Message Broker).
can make this Web Service client application as a stand alone
application as well then we do not need to deploy the same on WAS
I have created a BankClient in RAD to demonstrate the same. I
created a WSDL in message broker and developed a flow with SOAPInput
and SOAPReply node. This flow acts like a server flow running on Message
WSDL has four operations like- CreateAccount, CreditRequest, DebitRequest and CheckBalance.
Here are the required steps to make a standalone client application:
Note: If you are looking for artifacts then please contact me.
- Create a Web Service client application from WSDL as you generally do in RAD.
- Create a new main class under Java Resources as shown in following screen shot:
- It is required to create an object of *Proxy class in the main and
then call all the operation using that object as shown in following
- Remember to create required variables to call operations.
- Save the changes and if any error then resolve that.
- Now the next step is to change the *Service.java file for WSDL location.
- Right click on your WSDL file under ->Web Content->WEB-INF->wsdl and select properties.
- From the Resources window , copy the location of WSDL as shown below:
- Open *Service.java.
- Search for wsdlLocation variable and change the value of that
variable to this copied location of wsdl. Do not forget to add 'file:'
before 'C:\' and change the slash from '\' to '/' e.g. wsdlLocation =
- Now add these 2 lines and update them as per your file structure.
Also update the wsdl path 'MalformedURLException' and
'logger.warning' as shown below:
- Save *Service.java.
- Now it is required to add thinclient jar for webservices in Build path.
- Right click on your Client application and select Build Path -> Configure Build Path.
- Select 'Libraries' tab and click on 'Add External JARs....'. Select 'com.ibm.ws.webservices.thinclient_7.0.0.jar' from WAS installed location. Select 'Order and Export' tab and click on 'Select All' button. Then click on OK.
- Now Client is ready to run as standalone application. Right click on
your Client application and select Run As->Java Application.
Please welcome Dr. J.Manjula, principal, GVG college for women, Udumalpet, Tamil Nadu. Dr. Manjula is a strong willed and courageus woman, on whose shoulders rests the ambition of the girls at GVG. She's a spirited professional, dedicated to her work, the well being of her staff and the future of her students. Above all, she is a progressive leader, who believes that nothing can empower the women of this country more than solid education and well defined career paths.
We are honored to have Dr Manjula speak to us about her powerful personal life, her devotion to the college and her advice to girl students across the country. Please read on. Thank you ma'am for sharing your experiences with us, you lead by example in your personal and professional life, thus encouraging girl students and women IT professionals from all backgrounds.
Please tell us about your work and about your personal interests:
Of the 35 years I've been associated with GVG, I've been the principal for the last 12 years. There are various achievements i'm proud of at GVG. Last year we crossed 340 placements. We were the first to get the NAAC accreditation and now have also been ISO certified. We're an autonomous college and so, have the freedom to design our own course curriculum. In the south, we are the leaders in development education and job skills and are enjoying the benefits of that.
Also I was rewarded the Excellence award conferred by the Rotary club. I have a son, who is settled in the States with his family. I am drawn to philosophy and am a member of the Art of Living society and follow Guru Mahan philosophy which provides me a lot of motivation. I devote all my time to the well being of the students, their curriculum, introducing new courses, the food at the hostel and other amenities.
GVG is a college of excellent reputation. How do you maintain that?
The key is the focus on the girls. Even after they go to other countries for higher education, they never forget theor alma mater. We train them on life skills and not merely books. Once they graduate from GVG, the girls are knowledgeable individuals who have strong careers and are excellent home makers. All that is important for women, and we ensure there is plenty of focus on both angles. Various topics of empowerment are discussed with the girls like Cancer, Female Infanticide, Mental and Physical strength etc.
Technology like Campus-i is used to detect, understand and eliminate the root cause of illnesses that are common to this area like anemia. This incomparable focus is what drives parents from faraway towns like Kanyakumari etc to leave their wards in the safety of GVG. Be it hot water, amenities, clean drinking water, activities or studies, there is no compromise on quality.
My aim is to give the best to the girls so they don't feel deprived because of being born in a small town with less opportunities. When they join companies, they are clearly identified as GVGians!
Companies like IBM have contributed greatly by providing opportunities and a stage for success to the students. More interaction from professionals is required for the girls to learn and grow and take up responsible positions in the corporate world.
What are some of the challeges the girls face in building careers in IT and how do you guide them?
The big question is Career or Marriage? My answer is to win at both. I alsways give my example to parents and the girls, that I am a widow, lost my husband in a drowning accident and came out of the tragedy strong and empowered only because of my job. If I did not have a career and the financial indipendance to fall back on, my obstacles would have multiplied manifold. When the doctors declared my husband dead, my first words were, thank God I have a job in my hands and I will survive this. Education is a bigger gift than Gold and parents need to understand that. A job provides financial, mental and emotional well being to a woman.
The other challenge is Communication. The girls here are shy, so we encourage them to face the crowd even if for 2 minutes and speak. The practice on a regular basis, helps them overcome their hesitation.
What is your advice to girls who aspire to succeed professionally?
I was sent to colleges in Haryana and Goa and other cities for mentoring and realised that girls everywhere need to focus on education and jobs rather than getting married first. I believe that we need to help the weaker students by spending time on the areas they are unable to cope with. 0 and 80 are just numbers and I don't criticize for poor performance. If you have the will to learn, the percentages will improve as well.
Values are critical. Be a good human being, that's primary. We do not allow the use of mobile phones and discourage the girls from friendships and relationships which lead them away from education.
Lastly, Make decisions in personal relationships that make your parents and teachers proud.
Meet Sargam Singh, the star at IBM Software Labs who's grown and succeeded by plugging away challenging situations at work and home. Sargam talks about her role at IBM as a Development Manager and at home as a mother and wife in an interview with us.
Thank you Sargam for sharing your mantra with the developerette group. We are certain that your experience will encourage new mothers to not only build careers in IT but also confidently take positions in leadership.
Please tell us about your work: the role you have at IBM, your responsibilities and your team.
I have 14+ years of industry experience and have been with IBM for last 7 years. I joined IBM as a Project Lead on WebSphere Application Server Test team. Currently, I am a Development Manager with IBM India Software Labs and am responsible for development and delivery of WebSphere Service Registry and Repository (WSRR) product out of India. Besides this, I lead the Asia Pacific Tech Sales Support for WSRR and am a member of the World Wide Agile Leadership Team.
I manage a team of 11 people, out of which close to 50% are women. It is a very high potential team and I see a good diversity in the top performers. In my opinion, women can bring in a different kind of perspective, and are often able to capture softer aspects of people capabilities which makes them great team player and leaders. Tell us about your family and how you integrate your work and family?
My husband works with an IT multinational as a Program Manager. Besides us, I have a daughter who is 12 now and my mom-in-law who is with us. Both me and my spouse are in a high pressure jobs but it is the strong family support system which makes managing everything so simple. Coupled with this, IBM's work-life integration culture makes it possible to deliver the best both at work as well as for my family. I make sure that I am available for every important occasion and at any time when my family needs me the most. However, there are challenges at times, when work demands more time and my family has been amazingly supporting, including my little daughter who is growing up to be a responsible teenager.
What are some of the challenges you have had to face to keep both aspects balanced?
There have been times in my career when taking some great opportunities called for a decision which impacted my family. Soon after I joined IBM, I had to leave for US for an extended period of 6 months. I made that decision after a lot of deliberation as it meant leaving my daughter behind for that long. My husband was a big support and stood by me all through. That period was very tough for me but I emerged out of it as a winner, both at personal and professional front. My husband and daughter joined me in US for 2 weeks after my assignment ended and time and distance had in no way impacted my bonding with my daughter. In fact, she looked much more confident and independent. On the professional front, those 6 months provided a boost to my career by opening up newer opportunities.
So this is one such instance, and there are times when we have to make such tough choices. We need to understand this delicate balance and take a call depending on what is more important at that point in time. Opportunities have to be grabbed, and if you want to excel professionally, you need to have your goals defined. Family interest must come first, but women often live in a self created notion that things will break if they are not around. So create a strong support structure and when faced with a challenge which calls for a decision, talk about it to your family and they will be your biggest strength to take it head-on. Now that you have overcome the initial challenges, what is your advice to young mothers who wish to succeed in their carers?
I feel that single thing which can guarantee success is the "right attitude". I would say two things here -
Firstly, create a strong support structure, both at work and at home. At home, you need to have the confidence that things can go on even when you are away. At work, you have to build a strong team and backup which can stand by you in case of any emergency. Both these are easy to do if you have the right attitude which naturally wins love and support from people around you, be it your family, or colleagues or even a household help.
Secondly, keep your high level goals clear, both on personal and professional front. There will be times when your family needs you more and you cannot let your professional life impact that, and there will be occasions when you will have to sacrifice family time for tackling challenges on work front. The key to success is being able to successfully maintain this delicate balance. Risk Taking choices come every day in everything we do, personal or business, in many forms. It is a matter of having the confidence in your judgements and stand up for what you believe in.
Would you suggest development as a good career for women?
Certainly yes. Women often shy away from technical path for different reasons. However, women have an innate quality of dwelling deep into details of things without loosing sight of the bigger picture. This can play an important role in ensuring a very successful technical career for women. Excellence is a state of mind and it comes naturally to them. Making excellence critical in the small steps can lead to great results for the larger agenda in your personal and work lives.
Motherhood – The world’s most beautiful feeling, and today I am one of those blessed ones who can enjoy this experience.
I am Sharvari, a Software engineer at ISL, a caring mother and a responsible wife at home.
Too many roles and only 24 hours in a day, you need to be on your toes to manage everything. This juggling act demands expertise, patience and hard work.
It’s always a difficult situation for first time mothers like me to balance both professional and personal duties. They will always end up with a feeling that they have not achieved enough.
Moreover every working mom would want to give her best to her new born when she is at home and as a responsible individual you would also want to give best at work.
The key that I found in such a situation is “Effective Time Management”.
This starts from planning, one might have to plan for every small and big thing which may include planning your day properly or even planning for future.
My experience is you have to learn the 4Ds of time management–
Do it – Get it done the sooner the better.
Delegate it – It needs to be done but someone else can take care of it
Dump it – Anything that is unimportant now and in the future dump it.
Defer it – This needs to be done but not now it can wait.
Most, if not all the activities in a day can be put in these categories.
These are just a few pointers which can help you towards effective time management.
This is a learning task, and I am still learning how I can manage my time effectively to be a better mother and a better individual.
Finally, also remember to keep some time for yourself.
It is difficult to find "me time", a necessary and needed moment to refresh and regroup, while managing other things.
Work hard and smart and the world will be yours!
This section demonstrates how TAMOS can help you deal with two real-world issues faced by DB2 customers.
Some DB2 customers have reported experiencing an instance crash due to a
SIGKILL (kill -9) signal being sent to the
db2sysc process. When a
kill -9 signal is sent to
db2sysc, a DB2 instance crash is the expected behavior. However, the instance crash of a production system can have a significant business impact. The example described in this section illustrates this type of scenario.
Assume that you have a DB2 instance named Listing 6. List DB2 instance processes
db2ins95. To begin the scenario, issue a
ps command, as shown in Listing 6, to list the DB2 processes for your
[db2ins95@Server ~]$ ps -ef | grep db2
root 7970 7929 0 12:32 pts/2 00:00:00 su - db2ins95
db2ins95 7971 7970 0 12:32 pts/2 00:00:00 -bash
db2ins95 8380 1 0 12:39 pts/2 00:00:00 /home/db2ins95/sqllib/bin/db2bp
7971A2077 5 A
root 8587 1 0 12:45 pts/2 00:00:00 db2wdog 0
db2ins95 8588 8587 0 12:45 pts/2 00:00:00 db2sysc 0
root 8589 8588 0 12:45 pts/2 00:00:00 db2ckpwd 0
root 8590 8588 0 12:45 pts/2 00:00:00 db2ckpwd 0
root 8591 8588 0 12:45 pts/2 00:00:00 db2ckpwd 0
root 8592 8588 0 12:45 pts/2 00:00:00 db2pmd 0
db2ins95 8593 8588 0 12:45 pts/2 00:00:00 db2gds 0
db2ins95 8594 8588 0 12:45 pts/2 00:00:00 db2licc 0
db2ins95 8595 8588 0 12:45 pts/2 00:00:00 db2ipccm 0
db2ins95 8596 8588 0 12:45 pts/2 00:00:00 db2resync 0
db2ins95 8598 8588 1 12:45 pts/2 00:00:00 db2acd 0 ,0,0,0,1,0,0,0,897d44
db2ins95 8617 7971 0 12:45 pts/2 00:00:00 ps -ef
db2ins95 8618 7971 0 12:45 pts/2 00:00:00 grep db2
root 14366 1 0 Mar19 ? 00:00:25 /opt/ibm/db2/V9.1/bin/db2fmcd
Next, connect users to SAMPLE database, as shown in Listing 7.Listing 7. Connect users to SAMPLE database
[db2ins95@Server ~]$ db2 "connect to sample"
Database Connection Information
Database server = DB2/LINUX 9.1.5
SQL authorization ID = DB2INS95
Local database alias = SAMPLE
[db2ins95@Server ~]$ db2 list tables
Table/View Schema Type Creation time
------------------------------- --------------- ----- --------------------------
ACT DB2INS95 T 2010-03-22-12.37.09.890866
ADEFUSR DB2INS95 S 2010-03-22-220.127.116.118864
CL_SCHED DB2INS95 T 2010-03-22-12.37.09.641766
DEPARTMENT DB2INS95 T 2010-03-22-12.37.09.654181
DEPT DB2INS95 A 2010-03-22-12.37.09.716163
EMP DB2INS95 A 2010-03-22-12.37.09.749817
EMPACT DB2INS95 A 2010-03-22-12.37.09.887997
EMPLOYEE DB2INS95 T 2010-03-22-12.37.09.717494
EMPMDC DB2INS95 T 2010-03-22-12.37.15.079208
EMPPROJACT DB2INS95 T 2010-03-22-12.37.09.876485
Listing 8 shows Listing 8.
kill -9 being issued against the
db2sysc process and the DB2 instance crashing.
kill -9 against
db2sysc causes instance crash
[db2ins95@Server ~]$ kill -9 8588
[db2ins95@Server ~]$ db2 list tables
SQL1224N The database manager is not able to accept new requests, has
terminated all requests in progress, or has terminated your particular request
due to a problem with your request. SQLSTATE=55032
[db2ins95@Server ~]$ db2 connect to SAMPLE
SQL1032N No start database manager command was issued. SQLSTATE=57019
Listing 9 is an example of the resulting entries in the db2diag.log file after the instance crash. These entries indicate that the instance crash occurred due to Listing 9. Sample db2diag.log entries
SIGKILL being issued by a user or application.
2010-03-22-18.104.22.1683973-300 I39299G722 LEVEL: Error
PID : 8587 TID : 3086112448 PROC : db2wdog 0 0
INSTANCE: db2ins95 NODE : 000
FUNCTION: DB2 UDB, oper system services, sqlossig, probe:10
MESSAGE : Sending SIGKILL to the following process id
DATA #1 : signed integer, 4 bytes
 0x0276568D sqlossig + 0x117
 0x0132313A sqloWatchDogMain + 0x20E
 0x0132192A sqloRunInstance + 0xCE
 0x0804D450 DB2main + 0x6DC
 0x0804CD6C main + 0x24
 0x04938DF3 __libc_start_main + 0xD3
 0x0804CCB1 _Z21sqlePdbProcessRequestP11sqkfChannelPv + 0x1C1
 0x00000000 ?unknown + 0x0
 0x00000000 ?unknown + 0x0
 0x00000000 ?unknown + 0x0
TAMOS steps in!
Now you will see how TAMOS can help you prevent the scenario described above.
First, create an object for the Listing 10. Create object
db2sysc process as a file resource in the TAMOS object space, as shown in Listing 10.
pdadmin sec_master> object create /OSSEAL/Server.in.ibm.com/File/home/db2ins95\
/sqllib/adm/db2sysc "Db2 process" 3 ispolicyattachable yes
Next, as shown in Listing 11, create a policy that does not give DB2 instance user db2ins95 and root user permission to kill the process.Listing 11. Create policy
pdadmin sec_master> acl create db2-acl
pdadmin sec_master> acl modify db2-acl set user root T[OSSEAL]
pdadmin sec_master> acl modify db2-acl set user db2ins95 T[OSSEAL]
Now the ACL is defined not to give DB2 instance user db2ins95 and root user the kill (that is, the "k") permission bit. The last step is to enforce the policy on the object, as shown in Listing 12.Listing 12. Enforce the policy on the object
pdadmin sec_master> acl attach /OSSEAL/Server.in.ibm.com/File/home/db2ins95\
Issue the Listing 13. List DB2 instance processes
ps command again to list the DB2 processes that are running. Compare the sample output in Listing 13 to that in Listing 6.
[db2ins95@Server root]$ ps -ef | grep db2
root 14366 1 0 Mar19 ? 00:00:29 /opt/ibm/db2/V9.1/bin/db2fmcd
root 28330 28278 0 23:42 pts/1 00:00:00 su db2ins95
db2ins95 28331 28330 0 23:42 pts/1 00:00:00 bash
root 28426 1 0 23:42 pts/1 00:00:00 db2wdog 0
db2ins95 28427 28426 0 23:42 pts/1 00:00:00 db2sysc 0
root 28428 28427 0 23:42 pts/1 00:00:00 db2ckpwd 0
root 28429 28427 0 23:42 pts/1 00:00:00 db2ckpwd 0
root 28430 28427 0 23:42 pts/1 00:00:00 db2ckpwd 0
root 28431 28427 0 23:42 pts/1 00:00:00 db2pmd 0
db2ins95 28432 28427 0 23:42 pts/1 00:00:00 db2gds 0
db2ins95 28433 28427 0 23:42 pts/1 00:00:00 db2licc 0
db2ins95 28434 28427 0 23:42 pts/1 00:00:00 db2ipccm 0
db2ins95 28435 28427 0 23:42 pts/1 00:00:00 db2resync 0
db2ins95 28437 28427 0 23:42 pts/1 00:00:00 db2acd 0 ,0,0,0,1,0,0,0,897d44
db2ins95 28629 28434 0 23:47 pts/1 00:00:00 db2agent (idle) 0
db2ins95 28951 28331 0 23:52 pts/1 00:00:00 ps -ef
db2ins95 28952 28331 0 23:52 pts/1 00:00:00 grep db2
Now, as shown in Listing 14, when the db2ins95 or root user tries to kill the Listing 14. kill -9 not permitted
db2sysc process, he is not allowed to do so because you have used TAMOS to put the proper controls and policies in place.
[db2ins95@Server root]$ kill -9 28427
bash: kill: (28427) - Operation not permitted
TAMOS can also help you track who actually issued the kill command, which can lead to you identifying the real culprit. This tracking functionality is discussed later in the article.
DB2 support has also documented several problem reports where a customer has accidentally deleted tablespace containers while performing operating system maintenance activities. In some cases, this has resulted in the loss of a significant amount of data. This type of scenario also results in the tablespace becoming inaccessible. The example described in this section illustrates this type of scenario.
As in Case 1, for this example assume that you have a DB2 instance named Listing 15. Connect users to SAMPLE database
db2ins95. To begin the scenario, connect users to SAMPLE database, as shown in Listing 15.
[db2ins95@Server root]$ db2 "connect to sample"
Database Connection Information
As shown in Listing 16, create a tablespace with one container named Listing 16. Create a tablespace
[db2ins95@Server root]$ db2 "create tablespace tbsp1 managed by database \
using (file '/test/cont1' 1000)"
DB20000I The SQL command completed successfully.
Create a table named Listing 17. Create tables
table1 in the
cont1 tablespace, as shown in Listing 17.
[db2ins95@Server root]$ db2 "create table table1(id int, name varchar(10)) in tbsp1"
DB20000I The SQL command completed successfully.
Then, as shown in Listing 18, insert some sample data into the table.Listing 18. Insert sample data
db2ins95@Server root]$ db2 "insert into table1 values(1,'a'),(2,'b'),(3,'c')"
DB20000I The SQL command completed successfully.
[db2ins95@Server root]$ db2 "select * from table1"
3 record(s) selected.
[db2ins95@Server test]$ db2 connect reset
DB20000I The SQL command completed successfully.
To simulate what would happen if the tablespace were accidentally deleted, issue an Listing 19. Delete the tablespace container
rm command, as shown in Listing 19.
[root@Server ~]# rm -rf /test/cont1
Now, as shown in Listing 20, when users reconnect to the database and try to access the table, they receive an error.Listing 20. Access attempt returns error
[db2ins95@Server test]$ db2 connect to sample
Database Connection Information
Database server = DB2/LINUX 9.1.5
SQL authorization ID = DB2INS95
Local database alias = SAMPLE
[db2ins95@Server test]$ db2 "select * from table1"
SQL0290N Table space access is not allowed. SQLSTATE=55039
The tablespace has become inaccessible because its container was deleted, and all the data you inserted in the table is lost!
TAMOS steps in!
Now you will see how TAMOS can help you in the type of situation outlined above by preventing users from removing the containers, and thereby securing your system against potential data loss.
In this example, the container, which is simply a file resource on the operating system, is in the /test directory. As shown in Listing 21, create an object for /test/cont1 under the file resource.Listing 21. Create an object
pdadmin sec_master> object create /OSSEAL/Server.in.ibm.com/File/test/cont1 \
"Containers" 2 ispolicyattachable yes
Next, create a policy to protect against users being able to remove this object, as shown in Listing 22.Listing 22. Create a policy
pdadmin sec_master> acl create cont-acl
pdadmin sec_master> acl modify cont-acl set user root T[OSSEAL]rwx
pdadmin sec_master> acl show cont-acl
ACL Name: cont-acl
User sec_master TcmdbsvaBRl
User root T[OSSEAL]rwx
Now, the ACL is defined to give the root user read, write, and execute permissions, but not the deletion (that is, the "d") permission bit. The last step is to enforce the policy on the object, as shown in Listing 23.Listing 23. Enforce the policy on the object
pdadmin sec_master> acl attach /OSSEAL/Server.in.ibm.com/File/test/cont1 cont-acl
Now, as shown in Listing 24, when the root user tries to remove the container, he is not allowed to do so. TAMOS has just prevented accidental data loss due to deletion of the container.Listing 24. Container deletion not permitted
[root@Server ~]# rm -rf /test/cont1
rm: cannot remove `/test/cont1': Permission denied
Auditing and tracing
This section describes how you can use TAMOS to monitor or track operations performed against DB2 processes and resources.
For example, in the scenario described in Case 1 above, a
kill -9 was issued against the
db2sysc process. If such a situation were to actually occur, you would likely want to know who was responsible for the action. The fine and granular level of auditing provided by TAMOS can help you do so.
TAMOS provides three levels of auditing:
The following example illustrates resource level auditing. Assume that as described in Case 1, the policies shown in Listing 25 are in place for your system.Listing 25. Case 1 policies
pdadmin sec_master> object show /OSSEAL/Server.in.ibm.com/File/home/db2ins95\
Type: 3 (Executable)
Is Policy Attachable: Yes
Attached ACL: db2-acl
Effective Extended Attributes:
Effective ACL: db2-acl
With the above policies, the ACL
db2-acl protects the
db2sysc from being killed.
Now, as shown in Listing 26, create a POP with a specification that all actions on the protected object will be audited. This tells TAMOS to track when a Listing 26. Create a POP to audit all actions
SIGKILL is issued against the resource regardless of whether or not the user is allowed to kill the
pdadmin sec_master> pop create track-user
pdadmin sec_master> pop modify track-user set audit-level all
Enforce the policy on the object by attaching the POP to the object, as shown in Listing 27.Listing 27. Enforce the policy on the object
pdadmin sec_master> pop attach /OSSEAL/Server.in.ibm.com/File/home/db2ins95\
Issue the Listing 28. List DB2 instance processes
ps command to list the DB2 processes that are running, as shown in Listing 28.
[db2ins95@Server root]$ ps -ef | grep db2
root 14366 1 0 Mar19 ? 00:00:33 /opt/ibm/db2/V9.1/bin/db2fmcd
root 19969 18669 0 11:59 pts/2 00:00:00 su db2ins95
db2ins95 19970 19969 0 11:59 pts/2 00:00:00 bash
db2ins95 20051 19970 0 11:59 pts/2 00:00:00 ps -ef
db2ins95 20052 19970 0 11:59 pts/2 00:00:00 grep db2
db2ins95 29476 1 0 00:05 ? 00:00:00 /home/db2ins95/sqllib/bin/db2bp 29389A2077
root 30183 1 0 00:14 ? 00:00:00 db2wdog 0
db2ins95 30184 30183 0 00:14 ? 00:00:00 db2sysc 0
root 30185 30184 0 00:14 ? 00:00:00 db2ckpwd 0
root 30186 30184 0 00:14 ? 00:00:00 db2ckpwd 0
root 30187 30184 0 00:14 ? 00:00:00 db2ckpwd 0
Now, as shown in Listing 29, a user attempts to kill the Listing 29.
db2sysc process, but the operation is not permitted.
kill -9 not permitted
[db2ins95@Server root]$ kill -9 30184
bash: kill: (30184) - Operation not permitted
Listing 30 is an example of the resulting entries in the audit.log file after the attempt to issue the Listing 30. Snapshot from the audit.log
kill -9. Although the user was not allowed to kill the process, the action is tracked and does not go unnoticed. You could also use the
pdosaudview utility provided by TAMOS to view the audit report.
*** START OF NEW RECORD ***
Timestamp Tue 23 Mar 2010 11:59:25 AM EST
Audit Event An authorization decision was made.
Audit View Deny
Audit Reason Resource Audit
Audit Resource Type File
Accessor Name root
Accessor Effective Name db2ins95
Audit Action Check Access
Audit Permissions kill
Audit Qualifier Checking resource access control policy.
Policy Branch Name Server.in.ibm.com
Protected Object Name File/home/db2ins95/sqllib/adm/db2sysc
System Resource Name /home/db2ins95/sqllib/adm/db2sysc
Accessor Process ID 19970
Running Program System Resource Name /bin/bash
Audit Outcome Success
Audit Uniqifier 0
The above record shows that a
kill was issued against the system resource, /home/db2ins95/sqllib/adm/db2sysc. The Accessor Effective field shows that the user who issued the
kill was db2ins95.
This article introduced you to the IBM Tivoli Access Manager for Operating Systems (TAMOS) solution. It provided an overview of how you can install and configure TAMOS, and showed how it can be used to protect DB2 processes and resources on UNIX and Linux operating systems. Once you understand the concepts of TAMOS, you will be in a better position to provide security to your system resources on top of that provided by the native operating system.
Every database management system must be able to protect data against unauthorized access and modification. This also holds true for IBM DB2 Database for Linux, UNIX, and Windows® (DB2). DB2 uses several mechanisms, such as authentications, authorizations, and privileges, to meet this need. However, to protect its resources (such as processes, containers, system files), DB2 mostly relies on the native operating system.
Tivoli Access Manager for Operating System (TAMOS) is an IBM solution that uses a centralized policy management approach to protect resources on UNIX or Linux operating systems. Therefore, you can use it to provide an extra layer of security in addition to that provided by the native operating system.
Following is an overview of the topics covered by the article:
- Introduction of TAMOS along with an overview of how to install and configure
- How to use authorization policies to protect DB2 resources
- Real-world scenarios that throw light on potential security loopholes of the database management system as well as the native operating system on which it is installed, and how you can use TAMOS to close those loopholes
- How to track and monitor the operations against DB2 processes
What is TAMOS?
The UNIX and Linux operating systems pose several security concerns from an enterprise perspective. TAMOS addresses these concerns by providing operating system-level access control for UNIX and Linux operating systems. The TAMOS centralized policy management technique prevents unauthorized access, and monitors accesses to sensitive data and resources.
TAMOS is implemented as a series of daemons, kernel extensions, and control files for either the UNIX or Linux operating system. The TAMOS kernel extensions intercept all the system calls. The centralized authorization daemon named
pdosd then participates in all authorization decisions when a system call is made.
The flow chart in Figure 1 demonstrates how TAMOS implements the security layer by intercepting the system calls at the kernel level.Figure 1. Sample flowchart to illustrate TAMOS kernel interception
There are several prerequisite system requirements that must be met before you can begin to install and configure IBM TAMOS. However, a detailed description of these prerequisites is beyond the scope of this article.
You can install TAMOS in one of four ways:
- Multiplatform GUI-mode installation
- Multiplatform console-mode installation
- Multiplatform silent mode installation
- Native installation
The example in this section describes the first type of installation — how to perform a GUI mode installation of TAMOS, and specifically on a Linux server. The examples in later sections of the article also assume use of the Linux operating system.
To begin an interactive GUI-mode installation, locate your TAMOS CD and run the program with the name:
platform represents the name of your operating system. This program begins the installation process by launching the installation wizard. For the example installation on a Linux system described in this article, the install program is
Figures 2 and 3 show sample screenshots from the TAMOS installation wizard.Figure 2. Tamos Installation screen Figure 3. Recommended System Settings
As you proceed through the wizard, it guides you through the installation and configuration of TAM Runtime, using the appropriate LDAP server.
The silent mode of installation uses response files to install silently. The native installation uses the native software installation utility provided by the operating system.
This section explains how to configure TAMOS on a UNIX or Linux operating system after you perform a native installation. When you use Installshield multiplatform to install, TAMOS is already configured as part of the installation process. However, if you perform a native installation, you still need to configure TAMOS after the installation.
The command you use to configure TAMOS after a native installation is
pdoscfg. Following are the required configuration options that you must specify with your initial configuration:
Listing 1. Sample command for configuration of TAMOS
branch — policy branch to which this system subscribes
suffix — user registry suffix under which users associated with TAMOS are created
registry_ssl_cacert — certificate of TAM user registry server
admin_name — the name of the Tivoli Access Manager administrator
admin_pwd — the password for the Tivoli Access Manager administrator
[root@Server~]#pdoscfg -registry_ssl_cacert /ldapcert.arm -branch Server.in.ibm.com \
-suffix o=ibm,c=in -admin_name administrator -admin_pwd password
The term DB2 resources refers to DB2 processes, containers, system files, etc. that are present on the operating system where DB2 is installed. TAMOS uses various access controls such as Access Control Lists (ACLs) and Protected Object Policies (POPs) to protect these resources. It uses the static mode of creating objects in a policy database to protect them. Every DB2 resource that has to be protected must be explicitly created as an object in the policy database and must have an ACL/POP attached to it.
The following example demonstrates how you can use TAMOS access controls to protect against fraudulent behavior:
A root user who has all permissions on a UNIX or Linux machine tries to switch his identity to a DB2 instance user (for example, db2ins95) and tamper with some DB2 processes. This is where TAMOS would step in to provide protection. TAMOS provides a way you can protect surrogate operations by using surrogate resources. You start by creating an object.
Following is the syntax to create an object:
Object create /OSSEAL/<Server name>/Resource "Description" <object type> ispolicyattachable yes|no
So, for example, in the case described above, you could use a command like the one in Listing 2 to create an object for the surrogate resource.
Listing 2. Sample command for creating an object
pdadmin sec_master> object create /OSSEAL/Server.in.ibm.com/Surrogate/User/db2ins95 \
"SurrogateUser" 0 ispolicyattachable yes
You could then use a command like the one in Listing 3 to create a policy to prohibit root from switching user identity to db2ins95.Listing 3. Sample command for creating an ACL
pdadmin sec_master> acl show surr-acl
ACL Name: surr-acl
User sec_master TcmdbsvaBRl
User root T
The above ACL shows the root user is not given the surrogate permission bit "G". Now you can use a command like the one in Listing 4 to attach the policy to the object for enforcement.Listing 4. Sample command for attaching a policy to an object for enforcement
pdadmin sec_master> acl attach /OSSEAL/Server.in.ibm.com/Surrogate/User/db2ins95 surr-acl
Now, as shown in Listing 5, if the root user tries to change identity to a DB2 instance user, he is not allowed to do so.Listing 5. Identity change to DB2 instance user not allowed
[root@Server ~]# whoami
[root@Server ~]# su - db2ins95
su: cannot set user id: Operation not permitted
The example in this section has shown you how to create objects and apply policies to them. Specifically, it showed you how to protect DB2 resources by controlling whether a root user can switch to a DB2 instance user. This ability to control root account use is one of the key features of TAMOS.