Cryptography on Mainframe Systems

A mainframe system stores an organization's critical information; it communicates and coordinates with numerous devices connected to it over a network. Sensitive data stored on the mainframe and flowing to and from it is at risk from external attackers and possibly from a few disloyal insiders. Under such conditions, sharing critical data becomes a big challenge in any organization. Cryptography is a technique that helps overcome this challenge and helps secure the privacy and integrity of critical data.

Need for cryptography

With the increase in Internet usage and the computerization of organizations, securing an organization's confidential data has become essential. The following reasons strengthen the need for cryptography on mainframe systems.

Mainframes, generally used in big organizations, have very large data repositories containing all kinds of information, including critical, confidential information and business logic. With no assurance that everyone on the network is honest, cryptography has become a necessity for mainframe systems in order to protect sensitive data.

With the drastic increase in Internet usage and in the number of computerized services, organizations are looking to secure their data using cryptography.

What is cryptography?

Encryption: The process of converting plain text into cipher text (unreadable format) is called encryption.

Decryption: It is the process of converting cipher text into plain text.

“Cryptography” is the art of protecting the privacy and integrity of information. A cryptographic technique transforms data into an unreadable format (encryption) using a mathematical formula or procedure and a key. A key is likewise used to convert the encrypted data back into readable form (decryption).

Elements of cryptography

The two basic elements of cryptography are the key and the algorithm.

• Key: A key is used to encrypt or decrypt the data.

• Algorithm: An algorithm is the logic or formula that is applied to the data and the key in order to convert plain text into cipher text.

There are two types of algorithms:

• Symmetric algorithm – In a symmetric algorithm, data is converted into cipher text (encryption) using a key, and the same key is used to convert the cipher text back into plain text (decryption).

• Asymmetric algorithm – In an asymmetric algorithm, data is converted into cipher text using one key (the public key), and the cipher text is converted back into plain text using another key (the private key).

There are hardware devices as well as software applications that perform cryptography.

Some of the cryptographic hardware devices are Cryptographic Accelerators, Hardware Security Modules (HSM), etc.

Cryptographic software that runs on z/OS (the operating system of a mainframe system) includes the Integrated Cryptographic Service Facility (ICSF), Open Cryptographic Services Facility (OCSF), etc.

Benefits cryptography offers to an organization

Cryptographic techniques used in an organization offer:

• Authentication – Authentication involves confirming the identity of a user or a system before it is given access to the information. It works like a permission check.

• Integrity – Integrity means the received data must be the same as the data that was sent. In simple words, “What we receive must be the same as what you sent” or “What we sent must be the same as what you received”.

• Protection – This is the basic idea of cryptography. Data is protected by encryption and keys.

• Non-repudiation – Non-repudiation means ensuring that the sender and the receiver of a message are the same parties who claim to be its sender and receiver. No unauthorized party should be able to interfere.
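The integrity and authentication benefits listed above, as an added example that is not part of the original article: a keyed hash (HMAC-SHA256 from Python's standard library, chosen here for illustration) lets the receiver check that what it received is what was sent. The key, the sample record and the function names are constructed for this example.

```python
import hashlib
import hmac
import secrets
from typing import Optional

TAG_LEN = hashlib.sha256().digest_size  # 32-byte tag


def protect(key: bytes, message: bytes) -> bytes:
    """Sender side: append an HMAC-SHA256 tag computed over the message."""
    tag = hmac.new(key, message, hashlib.sha256).digest()
    return message + tag


def verify(key: bytes, packet: bytes) -> Optional[bytes]:
    """Receiver side: return the message if the tag matches, else None."""
    if len(packet) < TAG_LEN:
        return None  # too short to contain a tag at all
    message, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    expected = hmac.new(key, message, hashlib.sha256).digest()
    # compare_digest takes constant time, so the check leaks no timing hints
    return message if hmac.compare_digest(tag, expected) else None


def demo() -> dict:
    shared_key = secrets.token_bytes(32)        # constructed key held by both ends
    record = b"ACCT=0012345;AMOUNT=000150.00"   # constructed sample record
    packet = protect(shared_key, record)
    # Simulate modification in transit: the amount field is altered.
    tampered = packet.replace(b"AMOUNT=000150", b"AMOUNT=900150")
    return {
        "intact": verify(shared_key, packet),                    # integrity holds
        "tampered": verify(shared_key, tampered),                # change detected
        "wrong_key": verify(secrets.token_bytes(32), packet),    # sender lacks the key
        "truncated": verify(shared_key, packet[:10]),            # malformed packet
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:10s} -> {result}")
```

Because both ends hold the same key, either of them could have produced the tag, so this symmetric check gives integrity and authentication but not non-repudiation; that requires a signature made with an asymmetric private key.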

Cryptography is a fair choice for organizations to secure the critical data on their mainframe systems.