Article:

Keeping an Application's Security Scheme Intact

Implementing your data access policy is easy with Policy Minder

MC Press Online

by Carol Woodbury
4 November 2005

 

Whether you have a custom-written application or a third-party application, such as JD Edwards or Infinium, it's likely you've created a unique security implementation for the applications' libraries and objects. Or, if you haven't reworked the entire application, you may have secured a specific file containing human resource information or credit card numbers. If you have modified a third-party application's security scheme or just modified the access to a single file, the next application update will replace your security-driven library and object authority modifications. If you have your own application, it's difficult to make sure that items like object ownership, *PUBLIC authority, and many other security attributes remain consistent between updates. The application vendors aren't interested in your unique application deployment. They are interested in refreshing their code across all of their clients' systems.

Read the Complete Article

 

 

About the author
Carol Woodbury is co-founder of SkyView Partners, Inc., a firm specializing in security compliance management and assessment software as well as security services. Carol is the former chief security architect for AS/400 for IBM in Rochester, Minnesota, and has specialized in security architecture, design, and consulting for more than 15 years. Carol speaks around the world on a variety of security topics and is coauthor of the book Experts' Guide to OS/400 and i5/OS Security.