Considerations for E-Business on DB2 for S/390

Reprinted with Permission by Quest Software May 2002

Considerations for E-Business on DB2 for OS/390
Extracted from the IBM Redpaper Value of S/390 for E-Business

Presented below are several considerations for e-business applications implementation on the S/390 platforms. While the specific considerations differ for every e-business scenario, some requirements, such as those dictated by security concerns, or such as the pervasive need for some logical and physical components, can be said to form a common base on which all e-business solutions stand. This paper discusses some of these considerations.

Common Architectural Elements

All e-business applications use Internet technologies. Even intranet e-business applications, such as an online information system providing employees with access to the enterprise's rules, regulations, mechanisms, and so on, use browsers, Web servers and protocols such as TCP/IP and HTTP. Figure 1 shows the major logical pieces of a complex e-business implementation. For historical reasons, and also for clarity, this figure depicts a multi-tier architecture, with many of the physical servers supplying a single logical server function.

Figure 1: e-business Common Architectural Elements

Let us now discuss the elements in the figure above. Starting from the left, they are:

Universal Clients: Although typical, browser-based users, such as the home user with a PC and enterprise users with PCs and Network Computers, are shown, a client could also be an application able to dialog using a protocol such as HTML (Hyper-Text Markup Language) or WAP.

For example, a manufacturer's customer could create an application that is automatically triggered by the customer's inventory control system and issues buying orders to replenish stocks. A minimum client has a Web browser with Java applet capability and supports industry standard protocols such as HTML and Dynamic HTML.

Internet: The Internet provides the connection between the clients and the enterprise's network. Being a huge collection of computer networks, it is largely outside the control of the enterprise. The most important considerations are related to the performance and availability of the connection, so care should be placed in selecting the IP provider.

The Internet has no means of providing or guaranteeing information security and integrity, so these important issues must be addressed by both the client and the enterprise.

Firewall and Proxy Servers: A firewall is an essential element for the enterprise's network system security. The firewall sits between the enterprise's intranet and the outside network and routes all traffic between the two. Thus the enterprise's internal network can be protected from undesired outside access while simultaneously allowing the authorized users, and only them, to cross this boundary.

For a detailed description of what is a firewall and what technologies it covers, as well as the specific offerings available on OS/390 see Stay Cool on OS/390: Installing Firewall Technology, SG24-2046. We offer here a brief overview of a few of the technologies implemented by a firewall:

Filtering - Through filtering, all IP communications are examined and the enterprise's access policy is enforced. Only allowed connections are established to and from the outside world. Discrimination can be based on the source and destination IP addresses, protocol and application. For example, every user might be able to use e-mail and some users might have access to the WWW, while access from the outside to the enterprise's servers can be restricted to designated servers and applications such as the external Web site. Although the firewall has a simple mission, it can perform it quite efficiently and reliably. There are several hardware-only implementations of filtering, but these are less flexible than the software implementations. They are also less scalable, can be a single point of failure and have null or limited auditing capabilities.

Filtering alone, however, does not provide absolute security. For example, it cannot distinguish an impostor that is usurping a “good” IP address.

Proxy server - When using a proxy server, each user or application request that should be serviced outside the intranet is first processed by the proxy server. The proxy server actually executes it's client's request. For example, when a Web client in the intranet asks for an outside page, it is the proxy that issues the request to and obtains the page from the outside (Internet) server. The proxy then passes the page to the requesting client.

This architecture has the advantage of presenting the enterprise to the outside as a single point, a single IP address, hiding the enterprise's internal network structure and making it less vulnerable to hackers. Proxy services can use a separate server or reside on the filtering server. Implementing a proxy server requires more resources, because computations are done at the proxy server. One more reason to base the server on a secure, scalable platform.

Domain Name Server (DNS) - Having a local DNS allows the intranet hosts to find each other, avoiding the use of an external server to convert between names and IP addresses (name resolution) thus keeping those names hidden from the outside. Only external names need to be found through an Internet server, and only a single name for the enterprise needs to be available on the Internet, again helping to protect the internal network.

OS/390 Firewall Technologies is a “kit” available to OS/390 customers having a license for OS/390 Security Server and the eNetwork Communication Server. This kit contains all the code necessary to set up and enable the firewall technologies on OS/390. For further details, see Stay Cool on OS/390: Installing Firewall Technology, SG24-2046.

There are no software firewall implementations for either VM/ESA or VSE, so a server on another platform has to be used. Several possibilities exist, ranging from the popular AIX firewall running on a RS/6000 system to a Auto UNIX system running on a Virtual Machine or on a S/390 Logical Partition.

Web Server and Web Application Server: In the Framework architecture the Web Server, including the Web Application Server functionality, is the real hub of all e-business operations. It is through the Web server that the universal clients present their requests to the WAS applications. The Web server also receives the replies from the applications and scripts and forwards them to the clients.

The WAS supports more complex applications that, in turn, can call other resource servers, and provides several services such as resource coordination. In addition to the resource coordination, the Web server helps to increase security between the client and the application, for instance by using SSL and certificates. If the applications were directly contacted by the clients then they would need to provide the SSL and certificate support. S/390 platforms allow automatic management and fine tuning of the resources needed by the Web server in order to guarantee the required level of service.

By using connectors, the WAS is able to forward service requests to application and other resource servers and retrieve their replies. In addition, the Web server can directly call CGI scripts and servlets, applications that run under the management of the server and that can, in turn, call other application and data servers.

The application server function is, as its name indicates, to execute applications. Many servers can be used and a server can request services from another server. e-business applications are typically transactional in nature or, at least, interactive. Many existing applications can be Web-enabled by front-ending them with connectors driven from Web servers.

Existing transactional applications that were implemented with a clean separation between presentation, business and data access logics are highly likely to be reusable with little or no change. Some applications may be directly reusable by employing a screen-scraping technique, for example, CICS/TS has a software bridge to convert the 3270 data stream to HTML and back, allowing existing transactions to be used, unchanged, from Web browsers.

Data Servers: Data servers provide a secure environment for data access and usage.

Other points to consider are the variety of data types to be used today and in the future (from multi-media to traditional numeric and character data) and the fact that new and different demands for data exploitation are constantly appearing. Having a data system able to cope with these requirements without upsetting existing data and applications - which could cause a wide disruption of the enterprise's IT operations or limit its application options - is, thus, a major asset and should be given the most careful consideration.

As stated before, S/390 is the best platform on which to build a data server and, as the data probably already resides on it, there is no good reason to move it.

Intranet: The enterprise's internal network major consideration points are:

LAN bandwidth, this is directly related to performance. “Green-tube” applications are mostly text based, the ones making use of graphics being a small percentage. In contrast, Web applications can use a lot of images and, being friendlier, end up being more used.
Security, although to a lesser degree than on the Internet, there are security concerns. The advantage is that the enterprise retains control, so specific measures can be implemented. For example, specific IP addresses can be reserved, packet routing can be fixed.
Availability, as in traditional applications, remains an important point. With the software currently available on the S/390 platforms it is possible to implement a logical multi-tier server solution on a single S/390 server. If you are concerned about scalability, availability, and security for your solution you should seriously consider implementing most if not all logical server functions on the S/390 platform, as shown in Figure 2.

Figure 2: S/390 e-business Implementation

Security Considerations

Security is one of the largest concerns for enterprises considering e-business, and is often quoted as a major impediment for the move. Although enterprises should be concerned, with S/390 the impediment is more perceived than real. As many ventures demonstrate, for example, the recent Olympic Games, e-business can be safely conducted.

Keep in mind the several architectural elements of Figure 1 as we discuss security's major aspects: Security involves:

Authentication: For the server, finding whether the user is who he or she claims to be. This is vitally important because controlling which resources the user accesses depends on who the user is. For the client, ensuring that the server can be trusted.

IBM offers the OS/390 Security Server, the strongest security services available on the market, and RACF/VM for VM/ESA systems. VSE systems running under VM/ESA can also benefit from the VM/ESA intrinsic security and from some RACF capabilities. VSE systems can also use the OEM product CA-TOP Secret. In addition, LDAP directory and client services are available on OS/390. Once authenticated, the system must ensure that impostors cannot substitute for the trusted user or server. S/390 inherent system security, such as the storage protection mechanisms are highly relevant in this context.

Access Control: Granting access to only the allowed resources (programs, data, and so on). Although for many resources, access control should be based on authentication, for some less critical resources (such as the externally visible Web server and the static pages describing the enterprise) acceptable protection can be provided by firewall technologies.

Again, OS/390 Security Server and RACF/VM are IBM's offers in this area. Web servers provide additional control by limiting user access to files and scripts.

Data Integrity: Guaranteeing that the data sent is the same as the data received, in other words:

Authenticating the source of the data, both at the user and server ends. This normally involves the use of certificates.
Verifying that data has not been tampered with. Several algorithms can be employed, such as CRC.

S/390 storage protection capabilities as well as availability and reliability features such as error detection and correction are automatically exploited by the involved software (Web server, transaction manager and database manager, are examples) to provide that guarantee.

Privacy: Ensuring that data is only seen by those intended to see it. At least for the network part of the data flow, this requires some form of encryption, for example using SSL or the Secure Electronic Transactions (SET) protocols. On the server side, S/390 storage protection capabilities provide privacy for the running processes, and resource access protection (OS/390 Security Server and RACF/VM) prevents unauthorized use of any protected resources.

Accountability: Record events and parties involved, in order to be able to prove who did what (non-denial). OS/390 Security Server and RACF/VM provide such a log and audit trail. Web servers also provide logs, as well as CICS, IMS, DB2, and the IBM Universal Database product family.