81 lines
5.6 KiB
HTML
81 lines
5.6 KiB
HTML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE html
|
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html lang="en-us" xml:lang="en-us">
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|
<meta name="security" content="public" />
|
|
<meta name="Robots" content="index,follow" />
|
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
|
<meta name="DC.Type" content="concept" />
|
|
<meta name="DC.Title" content="Use digital signatures to protect software integrity" />
|
|
<meta name="abstract" content="Using digital signatures gives you greater control over which software can be loaded onto your system, and allows you more power to detect changes once it has been loaded." />
|
|
<meta name="description" content="Using digital signatures gives you greater control over which software can be loaded onto your system, and allows you more power to detect changes once it has been loaded." />
|
|
<meta name="DC.Relation" scheme="URI" content="rzamvdevelopintrusiondetectstrat.htm" />
|
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2006" />
|
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2006" />
|
|
<meta name="DC.Format" content="XHTML" />
|
|
<meta name="DC.Identifier" content="digitalsign" />
|
|
<meta name="DC.Language" content="en-us" />
|
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|
<!-- US Government Users Restricted Rights -->
|
|
<!-- Use, duplication or disclosure restricted by -->
|
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
|
<title>Use digital signatures to protect software integrity</title>
|
|
</head>
|
|
<body id="digitalsign"><a name="digitalsign"><!-- --></a>
|
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
|
<h1 class="topictitle1">Use digital signatures to protect software integrity</h1>
|
|
<div><p>Using digital signatures gives you greater control over which software
|
|
can be loaded onto your system, and allows you more power to detect changes
|
|
once it has been loaded.</p>
|
|
<p>All of the security precautions you take are meaningless if someone can
|
|
bypass them by introducing tampered data into your system. The server has
|
|
many built-in features which you can use to keep tampered software from being
|
|
loaded onto your system, and to detect any such software already there. One
|
|
of the techniques is <span class="uicontrol">object signing</span>. </p>
|
|
<p>Object signing is the implementation of a cryptographic concept known as <span class="uicontrol">digital
|
|
signatures</span>. The idea is relatively straightforward: once a software
|
|
producer is ready to ship software to customers, the producer <span class="q">"signs"</span> the
|
|
software. This signature does not guarantee that the software performs any
|
|
specific function. However, it provides a way to prove that the software came
|
|
from the producer who signed it, and that the software has not changed since
|
|
it was produced and signed. This is particularly important if the software
|
|
has been transmitted across the Internet or stored on media which you feel
|
|
might have been modified.</p>
|
|
<p>The new system value, Verify Object Restore (QVFYOBJRST), provides a mechanism
|
|
for setting a restrictive policy which requires all software loaded onto the
|
|
system to be signed by known software sources. You can also choose a more
|
|
open policy and simply verify signatures if they are present.</p>
|
|
<p>All i5/OS™ software,
|
|
as well as the software for options and licensed programs, has been signed
|
|
by a system trusted source. These signatures help the system protect its integrity,
|
|
and they are checked when fixes are applied to the system to ensure that the
|
|
fix has come from a system trusted source and that it did not change in transit.
|
|
These signatures can also be checked once the software is on the system. The <span class="cmdname">CHKOBJITG</span> (Check
|
|
Object Integrity) command checks signatures of the objects on the system.
|
|
Additionally, the Digital Certificate Manager has panels that you can use
|
|
to check signatures on objects, including objects in the operating system. </p>
|
|
<p>Just as the operating system has been signed, you could use digital signatures
|
|
to protect the integrity of software which is critical to your business. You
|
|
might buy software which has been signed by a software provider, or you might
|
|
sign software which you have purchased or written. Part of your security policy,
|
|
then, might be to periodically use <span class="cmdname">CHKOBJITG</span>, or the Digital
|
|
Certificate Manager, to verify that the signatures on that software are still
|
|
valid—that the objects have not changed since they were signed. You can also
|
|
require that all software which gets restored on your system be signed by
|
|
you or a known source. However, since most server software which is not produced
|
|
by IBM<sup>®</sup> is
|
|
not currently signed so this method might be too restrictive for your system.
|
|
The digital signature function gives you the flexibility to decide how best
|
|
to protect your software integrity. </p>
|
|
</div>
|
|
<div>
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzamvdevelopintrusiondetectstrat.htm" title="The following information is a collection of tips to help you detect potential security exposures.">Prevent and detect security exposures</a></div>
|
|
</div>
|
|
</div>
|
|
</body>
|
|
</html> |