Find information about i5/OS™ object signing and signature verification security capabilities that you can use to ensure the integrity of objects. Learn how to use one of several i5/OS methods for creating digital signatures on objects to identify the source of the object and provide a means for detecting changes to the object. Also learn how to enhance system security by verifying digital signatures on objects, including operating system objects, to determine whether there have been changes to the contents of the object since it was signed.
Object signing and signature verification are security capabilities that you can employ to verify the integrity of a variety of objects. You use a digital certificate's private key to sign an object, and you use the certificate (which contains the corresponding public key) to verify the digital signature. A digital signature ensures the integrity of time and content of the object that you are signing. The signature provides proof of both authenticity and authorization. It can be used to show proof of origin and detect tampering. By signing the object, you identify the source of the object and provide a means for detecting changes to the object. When you verify the signature on an object you can determine whether there have been changes to the contents of the object since it was signed. You can also verify the source of the signature to ensure the reliability of the object's origin.
You can implement object signing and signature verification by:
To learn more about these methods of signing objects and how signing objects can enhance your current security policy, review these topics: