 |
 |
 |
|
 |
|
 |
|
 |
|
 |
|
 |
DataDirect Shadow Enterprise - Auditing Mainframe
Shadow Enterprise Auditing is an optional component of the Shadow mainframe integration suite, providing support for the unique security requirements of Internet applications that connect to the mainframe, providing increased visibility beyond the standard RACF, CA-ACF2 or CA-Top Secret UserID used when a distributed connection to the mainframe is first established.
Security Risk of Pooling Connections
Web applications sometimes pool connections for efficiency reasons and during the life of an application many different transactions, initiated by a variety of end-users, will exploit the same connection to the mainframe.
Without Shadow Enterprise Auditing it would be impossible to identify which end-user performed which mainframe operation, because they will all be logged under the same mainframe UserID.
Shadow Enterprise Auditing provides an easy-to-use mechanism for creating a separate, temporary security environment for each transaction that is sent over a connection from the application platform suite to Shadow on the host.
The Shadow Enterprise Auditing security environment is used extensively for:
- Logging
- Tracing
- Auditing
Key Features
At the core of the Shadow Enterprise Auditing functionality is the use of a Generic (or proxy) ID and an Extended ID. Both of these IDs are provided in addition to the traditional user IDs supported by Shadow.
- Generic and Extended IDs are made available to host applications and are used for auditing, logging, tracing and tracking
- The extended ID contains a type of application-specific user identification such as an email address, SSN, login name, access ID, etc. Shadow Enterprise Auditing also supports Digital Certificates
With Shadow Enterprise Auditing it is possible to identify the ultimate end-user for each mainframe interaction from a Web application that pool mainframe connections.
| More Information | |||||||||||||||||
|
