programmers quotes

September 6, 2010

Staying up-to-date with IMS

Filed under: z/OS & OS390 — Tags: , , , , , , , , , , , , , , , , , , , , , — Trevor Eddolls @ 11:54 am

IMS – Information Management System – has been around for quite some time. In fact it’ll be 42 in August. Isn’t 42 the ultimate answer to life, the universe, and everything? Anyway, IMS runs on IBM mainframes and provides an incredibly fast hierarchical database system and an excellent transaction processing system. And in the intervening 41 years and 10 months there have been enormous improvements not only to the way it works, but also to the thinking behind what can be done with it.

Anyone working with IMS will be able to explain to you the different types of database that exist. They’ll talk at length about Full-function databases, Fast-path databases, and High-availability fast path databases. In addition to this database side of IMS, they will also be able to explain how the transaction management system works – how end users can access information and how messages are queued to make this possible. This is great, but what IMS professionals also need is some way of ensuring they keep up-to-date with what else IMS can do. What IMS will be able to do next year when it’s 43 and work towards that.

One easy way is for IMS professionals to join the Virtual IMS Connection user group at www.virtualims.com. This user group has virtual meetings every other month, so that members can watch presentations without needing to leave their office – all they need is an Internet-enabled PC and a telephone. Most of these Webinars take place at 10:30 Central Time and last around an hour.

As well as seeing a presentation by another IMS professional and the ability to ask as many technical questions as they want, they are also kept up-to-date with the latest product announcements (new products or new versions or releases of existing products) and latest IMS-related articles appearing in the press. On the Web site they can find jobs or people looking for jobs and (added quite recently) they can find consultants available for work.

The next meeting of the Virtual IMS Connection user group will be on the 8th June, and the meeting includes a presentation by Patrick Fournier of SysperTec Communications, who will be discussing “Improving the performance, efficiency, and TCO of SOA integration for IMS applications”.

The presentation will look at:

  • Web-enabling IMS and other 3270 applications.
  • Providing a way to serve IMS application screens on thin-client Web browsers.
  • Developing Web 2.0 user interfaces that combine IMS 3270 data flows with AJAX functionality and JavaScript widgets.
  • Creating interactive bi-directional connections between IMS and Web applications, eg Web applications that consume IMS transaction.

In a constantly changing industry, the only way to stay up-to-date and to keep your skills honed is join these regular Webinars. And being a virtual meeting, you don’t have to convince your company to fund your user group experience.

If you’re an IMS professional, it makes sense to join the user group and take part in a free Webinar.

July 11, 2010

Steganography…

Filed under: z/OS & OS390 — Tags: , , , , , , , , , , , — Trevor Eddolls @ 5:29 am

I’ve been variously involved in securing mainframe data over many years. I’ve looked at encryption of data, External Security Managers (ESMs), certificates, and public key encryption at various times. I’ve only recently become aware of steganography and how that can be used to send covert information in plain sight!

Steganography means concealed (the “stegano” bit) writing (the “graphy” bit), and there was a book about it written in 1499 by Johannes Trithemius – although not published until 1606. Trithemius was Abbot of Sponheim, but, even so, the Catholic Church banned the three volumes of his book (called Steganographia) for almost 300 years. So that must give you a clue as to how difficult it would be to control the use of hidden messages by ordinary people – you and I really!

Here’s an example – this week’s shopping list:
Allspice, lemons, bananas, avocado, peanuts, strawberry, pomegranate, sweets, anchovies.

You’d look at that and think there’s nothing hidden in that list. Now look at it again:
ALlspice, lEmon, bAnana, aVocado, pEanuts, sTrawberry, pOmegranate, sWeets, aNchovies.

It says LEAVE TOWN. Obviously more complicated messages could be included if I had a longer shopping list – but you get the idea.
But there’s an even better and more modern method of steganography – and that’s using images. You can hide messages in the least significant bit in an image. I have hidden a message in the photo below. Can you read it?

Steganography

If you want to create your own hidden message, you can have a go at http://mozaiq.org/encrypt/. You can also read hidden messages by clicking on “tools” from the menu and “decrypt”.

The pixels in 24-bit images have their colour defined using three numbers. There’s one for red, one for green, and one for blue (RGB). Making a small change to a pixel alters its colour but not so much that the human eye will detect the change. These small changes can be combined to give the ASCII code for a letter – and those letters when put together give a word, a sentence, a complete hidden message. It would be completely plausible that the images in an innocent Web site could contain messages for banned organizations. Those pictures on the MI5 Web site could actually be coded messages to UK operatives (with Internet access) across the globe. But think how many other Web sites could contain coded messages – just who could those messages be for?

Almost any message that can be send – any picture, any digital message, any written or printed message – could contain a hidden message in it.

I’m not trying to make your paranoia worse, I just thought it might be worth checking those images, or reading every second character in a list (or third or fourth!), and making sure someone isn’t sending a message from your Web site that you don’t expect.

Sleep well!

Older Posts »