On April 7, 2014 IBM CICS Transaction Server for z/OS V5.2 has been announced with a planned availability date of June 13, 2014. This release includes support for stronger cryptographic ciphers per Special Publication 800-131A from the National Institute of Standards and Technology (NIST). A service stream enhancement (SSE) to IBM Security zSecure 2.1 is planned for the same date. Besides providing support for this new CICS release the SSE will also further enhance the zSecure Compliance Testing Framework. Edit: The SSE is now available. You can find a detailed description here.

Background

Fifty years after the announcement of the IBM System/360, mainframe security has evolved to support cloud, mobile and big data applications for future innovation. Mainframes continue to be the home for mission critical information and essential  business production applications in many organizations due to the strong heritage of integrated security support capabilities across hardware, operating system, software and applications. IBM Security zSecure suite builds on the security support in z/OS and  Resource Access Control Facility to enhance mainframe security capabilities.

Many industries have security standards and compliance regulations such as the Payment Card Industry Data Security Standard (PCI-DSS) that require special security controls and auditing. zSecure introduced the Compliance Testing Framework for these in zSecure 1.13.1, which is regularly being extended. The new SSE will focus on the Security Technical Implementation Guides (STIGs) from the Defense Information Systems Agency (DISA) used by government and commercial customers as technical guidance to "lock down" information systems and software that might otherwise be vulnerable to a malicious computer attack.

This will be the fourth SSE for zSecure 2.1, following enhanced security intelligence through integration with IBM Infosphere Guardium 9.1, support for DB2 11 and IMS 13, and Compliance Testing Framework extensions for PCI-DSS.

Further reading

Learn more about game-changing technology that makes the extraordinary possible and improves the way the world works at the IBM Mainframe50 page, about the long way mainframe security has come in the past 50 years in the whitepaper "Creating the ultimate security platform",  and about new mainframe security capabilities at the System z Security Announcements page.

Questions can be posted on the zSecure forum on developerWorks. You can also visit the zSecure community and wiki. The current zSecure for z/VM release at the time of original publication was 1.11.1. The IBM Security zSecure today developerWorks article serves as a starting point to reach all the latest zSecure announcements.

Tags:  servicemanagementconnect zsecure soa mainframe systemz security z/os ism cics