Limit Search To:   SEARCH
Strategic Partner

Become a Volunteer
Programs and Projects
AADI Program
Communications Infrastructure Program
Enterprise Data Center Program
Data Center Management Project
Integrating Innovative Technologies Project
Professional Development Project
Security and Audit Project
Information Management Program
Linux and VM Program
MVS Program
SHARE-wide Program
Volunteers | Programs and Projects | Enterprise Data Center Program | Security and Audit Project
Security and Audit Project

Seattle Event
March 14 - 18, 2010
Washington State Convention Center

Updated: February 9, 2010

 Security and Audit Project News

  1. Session Scheduling: Our session schedule is published below.  A special thanks to our speakers.  We were able to accommodate most of those who submitted sessions.
  2. Key Dates for Seattle SHARE:
    1. Early Bird Rates: Ends on January 22, 2010
    2. Online Registration: Ends on February 22, 2010 (Offline registrations also not accepted after this date)
  3. EDC Program Manager:  After losing Sylvia Gorman last year to the new IM program, Harry Williams was elected to the SHARE Board this year.  Congratulations, Harry!  Steve Guendert has replaced Harry as the Enterprise Data Center Program Manager.  The only constant is change.
  4. Venue Changes:  The SHARE leadership announced that we will downsize even more for Seattle and Boston to avoid further conference monetary losses. The conference in Seattle will also end a day early on Thursday to avoid a conflict with a Microsoft conference.  As the economy turns around, we expect the conference to start expanding back to normal levels.  The downsizing limited us to 11 sessions, 1 theme session, a Birds of a Feather, and a Lunch and Learn.  We thank everyone for their submissions and will be in touch soon to let you know the scheduling outcome. 
  5. Seattle Session Schedule: In addition to the Security & Audit Project Schedule below, please keep in mind the security sessions in other tracks, as follows (in chronological order). There are plenty of security sessions to help you fill your schedule throughout the conference. 

Experiences with Advanced System z Cryptographic Key Protection in z/OS ICSF 0902 Mon - Mar 15  
11:00 - 12:00 PM
Introduction to Cloud Computing - What is 'Cloud'?  5243 Mon - Mar 15
3:00 - 4:00 PM
Securing Linux with RACF on z/VM 9241 Mon - Mar 15  
3:00 - 4:00 PM
Enterprise Cloud Computing: Immediate, Urgent, Inevitable 26 Tue - Mar 16  
8:00 - 9:00 AM
Securing a Cloud Computing Environment 3123 Tue - Mar 16

9:30 - 10:30 AM
z/OS Communications Server Network Security Overview 3122 Tue - Mar 16

 


11:00 - 12:00 PM

What Every Network Manager Needs to Know About Security, Risk, and Compliance Management 3126 Tue - Mar 16

3:00 - 4:00 PM
SAN Security Overview 3125 Tue - Mar 16  
4:30 - 5:30 PM
IMS Security - Understand the Many Options 6326 Tue - Mar 16  
4:30 - 5:30 PM
Safe and Secure Transfers with z/OS FTP 3332 Wed - Mar 17  
9:30 - 10:30 AM
Leveraging the Mainframe as Your Cost-Effective Enterprise Security Hub  912 Wed - Mar 17  
11:00 - 12:00 PM
Security Zones on z/VM 9161 Wed - Mar 17  
11:00 - 12:00 PM
JES NJE over TCP/IP - Security Considerations When Connecting MVS to the Network 2357 Wed - Mar 17  
3:00 - 4:00 PM
Network Security in a Highly Dynamic World  3335 Wed - Mar 17  
3:00 - 4:00 PM
z/VM Security and Integrity 9129 Wed - Mar 17  
3:00 - 4:00 PM
The New Hacker Playground: The Clouds 5242 Wed - Mar 17  
4:30 - 5:30 PM
Wireless Network Security Challenges 3137 Wed - Mar 17  
6:00 - 7:00 PM
Security Architecture -- How Does WebSphere Play 1074 Thu - Mar 18  
8:00 - 9:00 AM
Securing Your MQ Based Environment (includes WMB and FTE) 1631 Thu - Mar 18  
1:30 - 2:30 PM
SSL - A security option in MQ, WMB and FTE 1632 Thu - Mar 18  
3:00 - 4:00 PM

Security & Audit Project Sessions

 

#

Day Date Time Session Title Room Speaker Affiliation
5400 Sunday 14-Mar 4:30 Security and Audit (SEC) Project Planning and Project Opening 616 Brian Cummings Tata Consultancy Services
5494 Monday 15-Mar 1:30 Cloud Control for SaaS 615 Darren Platt
5408 Monday 15-Mar 3:00 Avoiding the High Cost of a Privacy Breach 616 Brian Cummings Tata Consultancy Services
5460 Monday 15-Mar 4:30 z/OS Audit Points - The Obvious and Not-So-Obvious 616 Paul Robichaux NewEra Software, Inc.
5486 Tuesday 16-Mar 9:30 Hidden Gems - Making CA ACF2 & CA Top Secret Work for You 616 Carla Flores CA, Inc.
5493 Tuesday 16-Mar 3:00 Leveraging RACF Exit Points 616 Mark Wilson RSM Partners
5492 Tuesday 16-Mar 4:30 Are You Prepared to Successfully Pass a PCI-DSS and/or FISMA Certification Assessment? 616 Frank Ness and Jim Richardson K3DES
5425 Wednesday 17-Mar 9:30 Understanding Digital Certificates on z/OS 617 Wai Choi IBM Corporation
5420 Wednesday 17-Mar 11:00 Want to Save Millions on Digital Certificates? z/OS PKI Services Introduction and Implementation 617 Jonathan Barney and Wai Choi IBM Corporation
5433 Wednesday 17-Mar 1:30 zSecure 1.11 - New Features and Functions 616 Glinda Cummings IBM Corporation
5490 Wednesday 17-Mar 4:30 RACF's R_admin Interface: Now Served with REXX! 617 Michael Onghena IBM Corporation
5448 Wednesday 17-Mar 7:30 Security and Audit (SEC) Project Dinner Meet Outside SCIDS
5488 Thursday 18-Mar 8:00 Integrated Cryotographic Service Facility (ICSF) Update 617 Greg Boyd IBM Corporation
5459 Thursday 18-Mar 11:00 Top Ten Exposures in System z Integrity & Security 617 Phil Emrich Vanguard Integrity Professionals
5426 Thursday 18-Mar 12:15 Implement the z/OS TDS LDAP Server with RACF          (A Hands-on Lab) 620 Saheem Granados IBM Corporation
5491 Thursday 18-Mar 3:00 Auditing RACF & CICS 616 Mark Wilson RSM Partners

 The SHARE Security and Audit Project

 The Security and Audit Project is concerned with enterprise-wide security management, which includes security, auditability, and disaster recovery of corporate data, software, and hardware.  We are concerned with security management on the desktop, in the client/server environment, on the mainframe, over the Internet, or within any heterogeneous network.  The Security and Audit Project provides information on security management tools, policies and procedures that address identity management, data integrity, confidentiality, access control, and systems management -- from within a single enterprise, or across public or private networks, such as the Internet, intranet, or extranet.
The customers of the Security and Audit Project are, but not limited to:

  • Security, database, and data administrators who must integrate and manage security policies across the various enterprise platforms.
  • AN and client/server administrators who are responsible for security and disaster recovery of their systems.
  • Systems management personnel responsible for managing the enterprise networks and other infrastructure services such as mainframes and subsystems, such as CICS, TSO, JES, etc.
  • Anyone responsible for installing, administering, auditing, or modifying the RACF, ACF2 and TopSecret families of products.
  • People responsible for writing secure applications that meet accreditation standards.
  • Department and senior management requiring information on what the security, audit, and disaster recovery issues are, as well as information on developing and implementing workable solutions in their organizations.
  • End-users who have, as employees of an organization, inherent security responsibilities for safeguarding information entrusted to their care.

The Security and Audit Project offers several products and services to SHARE and its attendees. These include, but are not limited to:

  • Education for the attendee regarding security issues, trends, and solutions to security problems on the various platforms and technologies, such as viruses and encryption, disaster recovery development, implementation and maintenance, etc.
  • A forum for submitting security, audit, and recovery requirements to IBM for their product lines. This includes RACF, as well as other IBM products that currently have or should have security issues addressed.
    White Papers which are intended to influence the information technology strategies of IBM, when developing new products, or enhancing existing product lines.
  • A forum for Security Managers and practitioners to meet and discuss common problems and solutions in the security, audit and recovery arenas.
  • Providing consulting to, or speakers for, other Projects that require security, audit or disaster recovery issues to be addressed, and need additional resources to meet their requirements.