Use digital signatures to protect software integrity

Using digital signatures gives you greater control over which software can be loaded onto your system, and more power to detect changes once it has been loaded.

All of the security precautions you take are meaningless if someone can bypass them by introducing tampered data into your system. The server has many built-in features which you can use to keep tampered software from being loaded onto your system, and to detect any such software already there. One of the techniques is object signing.

Object signing is the implementation of a cryptographic concept known as digital signatures. The idea is relatively straightforward: once a software producer is ready to ship software to customers, the producer "signs" the software. This signature does not guarantee that the software performs any specific function. However, it provides a way to prove that the software came from the producer who signed it, and that the software has not changed since it was produced and signed. This is particularly important if the software has been transmitted across the Internet or stored on media which you feel might have been modified.

The new system value, Verify Object Restore (QVFYOBJRST), provides a mechanism for setting a restrictive policy which requires all software loaded onto the system to be signed by known software sources. You can also choose a more open policy and simply verify signatures if they are present.

All i5/OS™ software, as well as the software for options and licensed programs, has been signed by a system trusted source. These signatures help the system protect its integrity, and they are checked when fixes are applied to the system to ensure that the fix has come from a system trusted source and that it did not change in transit. These signatures can also be checked once the software is on the system. The CHKOBJITG (Check Object Integrity) command checks signatures of the objects on the system. Additionally, the Digital Certificate Manager has panels that you can use to check signatures on objects, including objects in the operating system.

Just as the operating system has been signed, you could use digital signatures to protect the integrity of software which is critical to your business. You might buy software which has been signed by a software provider, or you might sign software which you have purchased or written. Part of your security policy, then, might be to periodically use CHKOBJITG, or the Digital Certificate Manager, to verify that the signatures on that software are still valid—that the objects have not changed since they were signed. You can also require that all software which gets restored on your system be signed by you or a known source. However, since most server software not produced by IBM® is not currently signed, this method might be too restrictive for your system. The digital signature function gives you the flexibility to decide how best to protect your software integrity.
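The workflow described above (the producer signs at ship time, the system checks the signature at restore time under the QVFYOBJRST policy, and CHKOBJITG re-checks it later to catch objects changed since signing), as an added example in Go; this is not code from i5/OS or IBM. It assumes Ed25519 key pairs in place of the X.509 certificates the real system manages through Digital Certificate Manager, and the SignedObject, TrustStore and requireSigned names are constructed for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
)

var ErrUnsigned = errors.New("object carries no signature")
var ErrBadSignature = errors.New("signature does not verify against any known source")

// SignedObject is a constructed stand-in for an object and its signature (nil = never signed).
type SignedObject struct {
	Data      []byte
	Signature []byte
}

// NewSource creates a software producer's key pair (assumption: Ed25519 here, whereas
// i5/OS signs with X.509 certificates managed in Digital Certificate Manager).
func NewSource() (ed25519.PublicKey, ed25519.PrivateKey, error) {
	return ed25519.GenerateKey(rand.Reader)
}

// Sign is the producer's ship-time step: sign the object's bytes before shipping.
func Sign(priv ed25519.PrivateKey, data []byte) SignedObject {
	return SignedObject{Data: data, Signature: ed25519.Sign(priv, data)}
}

// TrustStore is the set of known software sources the system accepts.
type TrustStore []ed25519.PublicKey

// CheckIntegrity is the CHKOBJITG step: does the signature still verify under a known source?
func (ts TrustStore) CheckIntegrity(obj SignedObject) error {
	if obj.Signature == nil {
		return ErrUnsigned
	}
	for _, pub := range ts {
		if ed25519.Verify(pub, obj.Data, obj.Signature) {
			return nil
		}
	}
	return ErrBadSignature
}

// AllowRestore models QVFYOBJRST: requireSigned=false is the open policy (unsigned loads,
// a bad signature is still rejected); true requires a valid signature from a known source.
func (ts TrustStore) AllowRestore(requireSigned bool, obj SignedObject) bool {
	err := ts.CheckIntegrity(obj)
	return err == nil || (!requireSigned && err == ErrUnsigned)
}
```

Note that under either policy an object whose bytes changed after signing is rejected; the policies differ only in how an object that was never signed is treated.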