Nikunj Panchal and Subramanian Krishnan have recently published an article on developerWorks showing how to integrate your PGP-based public key infrastructure with WebSphere Cast iron's built in support for data encryption so that you can acheive true-end-to-end data protection for all your enterprise orchestrations based on Cast Iron
You might also be interested in
Getting Started With WebSphere Cast Iron
The publication also includes three detailed scenarios covering real-world implementations of a Cast Iron Integration Solution.
I know everyone's scrambling to figure out what has to be patched to fix the Heartbleed bug. Please keep in mind that Heartbleed is a bug in the OpenSSL implementation of SSL, not a flaw in SSL itself. I know that many IBM products don't use OpenSSL and aren't affected by the Heartbleed bug. Having said that, there are probably some IBM products that DO need to be patched. And I wouldn't dare try to enumerate them.
Because IBM has a team of people whose job is specifically to monitor security vulnerability announcements and make sure the affected IBM products are made aware and to make sure patches get rolled out. They are the IBM
Jon Tate has published a post on the System Storage Redbooks blog with more details on how to get plugged into the PSIRT team's announcements about Heartbleed and other security alerts. So go check that post out and get plugged in.
You might also be interested in.....
Encrypting Data With Confidence
IBM has published a new white paper on encrypting data at enterprise scale. Learn about encrypting mission critical data with confidence and reduce security risks across the enterprise and beyond.
Many IBM products use the IBM Global Security Kit component for SSL and other encryption tasks. Oktawian Powązka has just published a new white paper at the security on developerWorks community that goes into detail about what you can and can't do with GSKit for FIPS and Suie B compliance. This white paper is a must read for anyone who has to worry about compliance to these stan
You might also be interested in:
Encrypting Data With Confidence:
IBM published a new white paper on encrypting data at enterprise scale. Learn about encrypting mission critical data with confidence and reduce security risks across the enterprise and beyond. Download "Encrypting Data With Confidence."
IPsec -- the Internet Protocol Security technology protocol suite that authenticates and/or encrypts each IP packet of a communication session in order to secure IP communications -- is a foundation tool that can be complex to implement, especially in an enterprise comprised of many systems. There are two modes in which IPsec can be implemented:
Tunnel mode is an important concept but it can be quite a numbers nightmare. To use IPsec tunnels, each system under an enterprise's control must be configured individually using an XML configuration file or command line. Each IPsec tunnel between two systems has to be configured for more than 20 different parameters; only a few of these are machine dependent.
To reduce the propensity for error from so many configuration variables, IBM introduced a feature in AIX IPsec that simplifies the process. In Simplify and centralize IPSec management on AIX, IBM Software Engineer Jyoti Tenginakai shows you how to use the centralized IPSec management feature in AIX that creates tunnels for each pair of IP addresses that are part of the IPsec configuration policy. Tenginakai also explains how to simplify and centralize management of a configuration using LDAP as a central repository.