ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » WebSphere Message Broker (ACE) Support » Securing User ID Password

Post new topic  Reply to topic
 Securing User ID Password « View previous topic :: View next topic » 
Author Message
Amitha
PostPosted: Fri Apr 01, 2011 2:11 pm    Post subject: Securing User ID Password Reply with quote

Voyager

Joined: 20 Nov 2009
Posts: 80
Location: Newyork
We are storing User ID, password as plain text in a Database lookup table. This user ID ,password are passed in a webservice request(either encrypted or plain).

How do we secure user id and password in database?
Not intending to use LDAP or TFIM.
Back to top
View user's profile Send private message Send e-mail
mqjeff
PostPosted: Fri Apr 01, 2011 3:45 pm    Post subject: Reply with quote

Grand Master

Joined: 25 Jun 2008
Posts: 17447
By asking the database to encrypt the table?

By writing code?
Back to top
View user's profile Send private message
zpat
PostPosted: Fri Apr 01, 2011 10:05 pm    Post subject: Reply with quote

Jedi Council

Joined: 19 May 2001
Posts: 5866
Location: UK
Look at security policy sets in WMB.
Back to top
View user's profile Send private message
Amitha
PostPosted: Mon Apr 04, 2011 5:55 am    Post subject: Reply with quote

Voyager

Joined: 20 Nov 2009
Posts: 80
Location: Newyork
Quote:
By writing code?


You mean to say encrypt and store in DB and after retrieval decrypt it? these are look up tables, we insert records manually using insert sql. I don't know how to achieve this.

Quote:
Look at security policy sets in WMB.


These are used for ws-security. what I am looking for is, storing user id password securely in database(encrytped), so that any human select on to the tables shouldn't be able to read the user id password.

Quote:
By asking the database to encrypt the table?


I need to explore what options I have to do that on mainframe v7.1 db2.
Back to top
View user's profile Send private message Send e-mail
mqjeff
PostPosted: Mon Apr 04, 2011 6:09 am    Post subject: Reply with quote

Grand Master

Joined: 25 Jun 2008
Posts: 17447
Amitha wrote:
Quote:
By writing code?


You mean to say encrypt and store in DB and after retrieval decrypt it? these are look up tables, we insert records manually using insert sql.
That is not a secure procedure for handling user ids and passwords.

Amitha wrote:
I don't know how to achieve this.

Carefully.

Amitha wrote:
Quote:
By asking the database to encrypt the table?


I need to explore what options I have to do that on mainframe v7.1 db2.


Yes.
Back to top
View user's profile Send private message
paintpot
PostPosted: Mon Apr 04, 2011 6:45 am    Post subject: Reply with quote

Centurion

Joined: 19 Sep 2005
Posts: 112
Location: UK
Amitha wrote:
I need to explore what options I have to do that on mainframe v7.1 db2.


Or possibly with mainframe v9.1 db2??!?
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic  Reply to topic Page 1 of 1

MQSeries.net Forum Index » WebSphere Message Broker (ACE) Support » Securing User ID Password
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
  
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.