Monitoring data integrity

To monitor the integrity of your FTM SWIFT database tables:
  • Monitor the FTM SWIFT events that are issued by the data integrity checker (DIC).
    Notes:
    • You should register at least for the following events:
      • DNPD1235I indicating that the DIC was started
      • DNPD1233E indicating that problems in data integrity were detected
    • For information on events issued by the DIC, see the description of messages DNPD1001E - DNPD1314E.
  • Monitor the system log for messages DNPD1310, DNPD1311, DNPD1312, DNPD1313 and DNPD1314 from the FTM SWIFT data integrity framework.
  • Monitor the system log for data integrity framework messages reporting any of the following SQLSTATE values:
    Table 1. SQLSTATE values issued by the FTM SWIFT data integrity framework

    SQLSTATE: 990C0, 990D0, 990I0
    Explanation: Data integrity password is not set
    Required action: No data was manipulated. Fix the root cause and continue processing.
      To identify the root cause:
      • Ensure that no unauthorized data manipulation attempt occurred
      • Ensure that you performed all steps described in Activating the data integrity framework (specifically, that you issued DIC command init)
      • Check for additional data integrity related messages before the current message that might indicate why FTM SWIFT was not able to load the data integrity password from the vault
      • Ensure that the vault that was specified when issuing the DIC commands init or changepw is available on all FTM SWIFT broker servers in the correct path and that the message broker has read permission for this vault

    SQLSTATE: 990C1, 990D1, 990I1
    Explanation: Wrong data integrity password

    SQLSTATE: 990C2, 990D2, 990I2
    Explanation: Either of the following:
      • A wrong data integrity password was used
      • A record to be processed has an invalid control record

    SQLSTATE: 990C3
    Explanation: A record to be processed has a missing control record

    SQLSTATE: 990C4
    Explanation: Checksum of the record to be updated does not match the checksum in the associated control table

    Required action for 990C1 through 990C4: Data integrity is no longer guaranteed. You need to verify the data records that were potentially changed and decide how to continue.
      Possible root causes:
      • An unauthorized data manipulation (or manipulation attempt) occurred
      • A restore of data that was saved when a different data integrity password was active (990C2)
      • DIC command build was not issued during data integrity framework activation (990C3)
      • FTM SWIFT services ran while data integrity triggers were deactivated, for example, to do housekeeping (990C4)
      To get more information, run DIC command check.
      After you have verified the validity of the data, repair the data integrity control records using DIC command build.
      Drop the corresponding records for falsified data and recover according to the affected service (for example, send a FIN message again in your business application). To drop a suspicious record of the SIPN FIN service, you can use the DIC command dispose.

    SQLSTATE: 990D4, 990I4
    Explanation: Data integrity framework is only partially activated
    Required action: No data was manipulated. Fix the root cause and continue processing.
      Ensure that you performed all steps described in Activating the data integrity framework (specifically, that you issued DIC command init). If the data integrity framework was initialized correctly, an unauthorized person, program, or process modified table DNI_CCTRL.

    SQLSTATE: 990O5
    Explanation: Opening a connection to the data integrity framework using DNI_DI_OPEN failed.
    Required action: No data was manipulated. For more information, refer to message DNPD1310E.

    SQLSTATE: 990C5, 990D5, 990I5
    Explanation: Reading data integrity information failed.
    Required action: No data was manipulated. Ensure that DNI_DI_OPEN was called before.
    Note: Each SQLSTATE value listed in Table 1 might indicate that an unauthorized person or program tried to modify FTM SWIFT data. You must analyze the root cause of the situation and verify your security measures. Furthermore, you should run the DIC command check.
  • Unwanted modifications made by external applications (for example, SPUFI or the Db2® command line processor) can be monitored by different means, depending on the middleware components in use. For example, the Db2 START TRACE command activates various monitoring facilities. Which traces must be activated, and how the monitoring information is displayed or retrieved, is outside the scope of FTM SWIFT. The SQLSTATE values issued by the FTM SWIFT data integrity framework can be used by an external monitoring solution to detect unwanted changes.
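The following script is an added example and is not part of the FTM SWIFT documentation. It shows how an external monitoring job could scan a system log for the DIC events, the data integrity framework messages DNPD1310 to DNPD1314, and the SQLSTATE values of Table 1, mapping each SQLSTATE to the action class the table gives (no data manipulated versus data integrity no longer guaranteed). The log line layout and message texts in the sample log are constructed for this example; the real format depends on your system, and the required-action strings are condensed from Table 1.

```shell
#!/bin/sh
# Added example, not part of the FTM SWIFT documentation: scan a system log
# for DIC events, data integrity framework messages (DNPD1310 to DNPD1314)
# and the SQLSTATE values of Table 1, and map each SQLSTATE to the class of
# required action the table gives.  The sample log lines below are
# constructed for this example; real message texts depend on your system.

# Map an SQLSTATE value from Table 1 to its action class.
# Prints NO_MANIPULATION, INTEGRITY_LOST or UNKNOWN.
classify_sqlstate() {
  case "$1" in
    990C0|990D0|990I0|990D4|990I4|990O5|990C5|990D5|990I5) echo NO_MANIPULATION ;;
    990C1|990D1|990I1|990C2|990D2|990I2|990C3|990C4)       echo INTEGRITY_LOST ;;
    *)                                                      echo UNKNOWN ;;
  esac
}

# Condensed form of the required action from Table 1 for an SQLSTATE value.
required_action() {
  case "$1" in
    990C0|990D0|990I0) echo "password not set: check that DIC init was issued and the vault is readable on all broker servers" ;;
    990C1|990D1|990I1|990C2|990D2|990I2|990C3|990C4) echo "verify suspect records, run DIC check, then DIC build (or dispose)" ;;
    990D4|990I4)       echo "framework only partially activated: check DIC init and table DNI_CCTRL" ;;
    990O5)             echo "DNI_DI_OPEN failed: see message DNPD1310E" ;;
    990C5|990D5|990I5) echo "read failed: ensure DNI_DI_OPEN was called first" ;;
    *)                 echo "not a data integrity framework SQLSTATE" ;;
  esac
}

# Scan one log file ($1) and print one line per finding.
scan_log() {
  while IFS= read -r line; do
    case "$line" in
      *DNPD1235I*|*DNPD1233E*) echo "DIC-EVENT: $line" ;;
      *DNPD131[0-4]*)          echo "DIC-FRAMEWORK: $line" ;;
    esac
    # Extract an SQLSTATE of the form 990xN; other SQLSTATE values are ignored.
    state=$(printf '%s\n' "$line" | sed -n 's/.*SQLSTATE[ =:]*\(990[A-Z][0-9]\).*/\1/p')
    if [ -n "$state" ]; then
      echo "SQLSTATE $state [$(classify_sqlstate "$state")]: $(required_action "$state")"
    fi
  done < "$1"
}

# Constructed sample log (message texts are invented for this example).
SAMPLE_LOG="${TMPDIR:-/tmp}/dic_sample_$$.log"
cat > "$SAMPLE_LOG" <<'EOF'
10:00:01 DNPD1235I Data integrity checker started
10:05:12 DNPD1310E Open of data integrity framework failed, SQLSTATE=990O5
10:07:44 DNPD1312E Data integrity check failed, SQLSTATE=990C2
10:08:00 DNPD1233E Problems in data integrity were detected
10:09:30 DNPD1313E Control record missing, SQLSTATE=990C3
10:10:00 APP0001I Unrelated application error, SQLSTATE = 23505
EOF

scan_log "$SAMPLE_LOG"
```

Run against a real log, the script reports the two DIC events, the three framework messages, and three SQLSTATE findings; the unrelated SQLSTATE 23505 is ignored. Any INTEGRITY_LOST finding is the trigger for the analysis described in the note after Table 1, starting with DIC command check.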
You should verify the integrity of the DIC utility from time to time. To do so:
  1. Issue the following command to check the signature of the DIC's JAR file:
    jarsigner -verify -certs -verbose
              -keystore keystore inst_dir/run/classes/dnpdic.jar
    where:
    keystore
    The keystore file that you created when executing step 1 as described in Certificate keystore (for example, /var/ftmswift_v300/run/ftmswift_keystore.jks)
    inst_dir
    The directory where FTM SWIFT is installed
    For example:
    jarsigner -verify -certs -verbose
              -keystore /var/ftmswift_v300/run/ftmswift_keystore.jks
              /usr/lpp/IBM/ftmswift/v300/run/classes/dnpdic.jar
  2. Ensure that the output of the jarsigner program contains the following information:
    jar verified.
    Note: The following warning can be ignored:
    This jar contains signatures that does not include a timestamp.
    Without a timestamp, users may not be able to validate this jar
    after the signer certificate's expiration date (2022-10-03)
    or after any future revocation date.
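The following wrapper is an added example and is not part of the FTM SWIFT documentation. It turns the manual jarsigner check above into something a scheduled job can run: the check passes only if the output contains "jar verified." and the only warning present is the missing-timestamp warning that the note says can be ignored. It assumes that other jarsigner warnings are also phrased "This jar contains ..."; the sample outputs used in the usage section are constructed.

```shell
#!/bin/sh
# Added example, not part of the FTM SWIFT documentation: wrap the jarsigner
# verification of dnpdic.jar so it can run unattended and fail loudly.
# Assumption: jarsigner warnings other than the ignorable timestamp warning
# are also reported as lines starting with "This jar contains".

# Read captured jarsigner output from stdin.
# Returns 0 when the JAR is verified without unexpected warnings, else 1.
check_jarsigner_output() {
  out=$(cat)
  case "$out" in
    *"jar verified."*) ;;
    *) echo "FAIL: jarsigner did not report 'jar verified.'" >&2; return 1 ;;
  esac
  # Any "This jar contains ..." line that is not the timestamp warning is a problem.
  other=$(printf '%s\n' "$out" | grep -i 'This jar contains' | grep -v -i 'timestamp' || true)
  if [ -n "$other" ]; then
    echo "FAIL: unexpected jarsigner warning: $other" >&2
    return 1
  fi
  echo "OK: JAR signature verified (timestamp warning, if any, ignored)"
  return 0
}

# Run the jarsigner command from the procedure against keystore $1 and JAR $2.
verify_dic_jar() {
  jarsigner -verify -certs -verbose -keystore "$1" "$2" 2>&1 | check_jarsigner_output
}

# Usage with the paths from the example above (adjust to your installation):
# verify_dic_jar /var/ftmswift_v300/run/ftmswift_keystore.jks \
#                /usr/lpp/IBM/ftmswift/v300/run/classes/dnpdic.jar
```

The exit status of verify_dic_jar is the status of check_jarsigner_output, so a scheduler can alert on a non-zero result; a missing "jar verified." line or any warning other than the timestamp one (for example, a report of unsigned entries) fails the check.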