Validate a signature



All about SAF, RACF, encryption, Firewall, Risk assessment and integrity concepts

Validate a signature

Postby Martin Gross » Sat Nov 05, 2011 12:00 am

Does anyone know if there is a system program or service available to validate a signature?
If so, where does it store the needed key?

Background:
Over an unsecured network data is transfered to our mainframe.
To protoect the data from being spoofed (manipulated) on the way to our mainframe it is signed (using e.g. MD5, AES).
So we'd only except the data, when the provided signature is valid.
Martin Gross
 
Posts: 2
Joined: Fri Nov 04, 2011 11:47 pm
Has thanked: 0 time
Been thanked: 0 time

Re: Validate a signature

Postby Robert Sample » Sat Nov 05, 2011 1:25 am

IF this is possible, and I'm not saying for sure it is, you need to work with your site security group as the security software (RACF, ACF/2, or TOP SECRET) would be handling the signature / certification. The only time I've dealt with AES on the mainframe, it was for encryption / decryption and used a software product from an ISV. I do know RACF handles certificates but don't know the details.
Robert Sample
Global moderator
 
Posts: 3720
Joined: Sat Dec 19, 2009 8:32 pm
Location: Dubuque, Iowa, USA
Has thanked: 1 time
Been thanked: 279 times

Re: Validate a signature

Postby jaggz » Wed Jan 18, 2012 2:43 pm

Two ways in RACF : Self -signed Certificate and Signed up by the third party validators.(CSR). More information on this : "RACF digital signature".
User avatar
jaggz
 
Posts: 356
Joined: Fri Jul 23, 2010 8:51 pm
Has thanked: 8 times
Been thanked: 5 times


Return to Mainframe Security