ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzalz_5.4.0.1/rzalzosintro.htm

89 lines
7.6 KiB
HTML

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="Object signing and signature verification" />
<meta name="abstract" content="Find information about i5/OS object signing and signature verification security capabilities that you can use to ensure the integrity of objects. Learn how to use one of several i5/OS methods for creating digital signatures on objects to identify the source of the object and provide a means for detecting changes to the object. Also learn how to enhance system security by verifying digital signatures on objects, including operating system objects, to determine whether there have been changes to the contents of the object since it was signed." />
<meta name="description" content="Find information about i5/OS object signing and signature verification security capabilities that you can use to ensure the integrity of objects. Learn how to use one of several i5/OS methods for creating digital signatures on objects to identify the source of the object and provide a means for detecting changes to the object. Also learn how to enhance system security by verifying digital signatures on objects, including operating system objects, to determine whether there have been changes to the contents of the object since it was signed." />
<meta name="DC.Relation" scheme="URI" content="rzalzprint.htm" />
<meta name="DC.Relation" scheme="URI" content="rzalzobjconcepts.htm" />
<meta name="DC.Relation" scheme="URI" content="rzalzscenariosoverview.htm" />
<meta name="DC.Relation" scheme="URI" content="rzalzsigningprereqs.htm" />
<meta name="DC.Relation" scheme="URI" content="rzalzmanageobjects.htm" />
<meta name="DC.Relation" scheme="URI" content="rzalzobjectsintrouble.htm" />
<meta name="DC.Relation" scheme="URI" content="rzalzrelatedobjects.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2004, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2004, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="osintro" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Object signing and signature verification</title>
</head>
<body id="osintro"><a name="osintro"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Object signing and signature verification</h1>
<div><p>Find information about i5/OS™ object signing and signature verification
security capabilities that you can use to ensure the integrity of objects.
Learn how to use one of several i5/OS methods for creating digital signatures
on objects to identify the source of the object and provide a means for detecting
changes to the object. Also learn how to enhance system security by verifying
digital signatures on objects, including operating system objects, to determine
whether there have been changes to the contents of the object since it was
signed.</p>
<p>Object signing and signature verification are security capabilities that
you can employ to verify the integrity of a variety of objects. You use a
digital certificate's <a href="../rzahu/rzahukeypair.htm">private key</a> to sign an object, and you use the certificate
(which contains the corresponding public key) to verify the <a href="rzalzdigitalsignatures.htm#digitalsignatures">digital
signature</a>. A digital signature ensures the integrity of time and content
of the object that you are signing. The signature provides proof of both authenticity
and authorization. It can be used to show proof of origin and detect tampering.
By signing the object, you identify the source of the object and provide a
means for detecting changes to the object. When you verify the signature on
an object you can determine whether there have been changes to the contents
of the object since it was signed. You can also verify the source of the signature
to ensure the reliability of the object's origin. </p>
<p>You can implement object signing and signature verification by: </p>
<ul><li>APIs to sign objects and to verify the signatures on objects programmatically.</li>
<li>Digital Certificate Manager to sign objects and to view or to verify object
signatures.</li>
<li>iSeries™ Navigator
Management Central to sign objects as part of distributing packages for other
systems to use.</li>
<li>CL commands, such as Check Object Integrity (CHKOBJITG) to verify signatures.</li>
</ul>
<p>To learn more about these methods of signing objects and how signing objects
can enhance your current security policy, review these topics: </p>
<div class="note"><span class="notetitle">Note:</span> By using the code examples, you agree to the terms of the <a href="codedisclaimer.htm">Code license and disclaimer information</a>.</div>
</div>
<div>
<ul class="ullinks">
<li class="ulchildlink"><strong><a href="rzalzprint.htm">Printable PDF</a></strong><br />
Use this information to print the entire topic as a PDF file.</li>
<li class="ulchildlink"><strong><a href="rzalzobjconcepts.htm">Object signing concepts</a></strong><br />
Use this concept and reference information to learn more about digital signatures and the object signing and signature verification processes work.</li>
<li class="ulchildlink"><strong><a href="rzalzscenariosoverview.htm">Object signing scenarios</a></strong><br />
Use this information to review scenarios that illustrate some typical situations for using object signing and signature verification capabilities. Each scenario also provides the configuration tasks you must perform to implement the scenario as described.</li>
<li class="ulchildlink"><strong><a href="rzalzsigningprereqs.htm">Object signing and signature verification prerequisites</a></strong><br />
Use this information to learn about configuration prerequisites, as well as other planning considerations for signing objects and verifying signatures.</li>
<li class="ulchildlink"><strong><a href="rzalzmanageobjects.htm">Manage signed objects</a></strong><br />
Use this information to learn about system commands and system values that you can use to work with signed objects and how signed objects affect backup and recovery processes.</li>
<li class="ulchildlink"><strong><a href="rzalzobjectsintrouble.htm">Troubleshooting signed objects</a></strong><br />
Use this information to learn about commands and system values that you can use to work with signed objects and how signed objects affect backup and recovery processes.</li>
<li class="ulchildlink"><strong><a href="rzalzrelatedobjects.htm">Related information for object signing and signature verification</a></strong><br />
Use this information to find links to other resources for learning more about signing objects and verifying object signatures.</li>
</ul>
</div>
</body>
</html>