IBM Java Toolbox For I implement secure access to IBM i

As a set of Java application programming interfaces for the IBM I platform, IBM Java Toolbox for I is primarily used to access IBM I data and resources. The security of data and application is one of the important factors to be considered in IBM I application developers. By relying on SSL communications between IBM Java Toolbox for I and IBM I, upper-level client applications can effectively address data security issues during interactions with IBM I servers. The goal of this article is to combine SSL encryption technology, IBM I-related SSL certificate management components--IBM I digital certificate Manager (or DCM), and instruct readers how to use IBM Java Toolbox for I to achieve secure access to IBM I data and resources.

From the structure division, the article divides into 5 parts. This paper first briefly introduces the basic concepts and working principles of SSL technology. After you are familiar with the basics of SSL, the second section introduces the digital Certificate Manager DCM for IBM i platform SSL certificates. The third part of the goal is to use DCM to create an SSL certificate and to associate with the IBM Java Toolbox for I programcall host server, which ensures that the client application can safely use IBM Java Toolbox for I remote invoke IBM I for RPG applications involving sensitive information such as bank accounts. In part fourth, we will combine the examples to illustrate how to use IBM Java Toolbox for I to programmatically implement SSL connections to IBM i. The last part is the summary.

To facilitate a better understanding of the reader, our brief description of the sample application is as follows:

1. Invoke the RPG program based on the normal way QUERYCUSTINFO.PGM according to the customer ID ID, query the database to obtain customer basic information.

2. Invoke the RPG program based on SSL QUERYCUSTACCOUNT.PGM according to the customer ID ID, query the database to obtain customer's bank account information.

The choice between SSL and Non-ssl in two ways is to want readers to choose whether or not to encrypt SSL communications based on their own needs, after all, security is usually at the expense of performance.

How the principle of SSL works

Secure Sockets Layer (or SSL) is a security protocol that provides security and data integrity for network traffic. The SSL protocol provides services mainly:

(1) Authenticating users and servers to ensure that data is sent to the correct client and server;

(2) Encrypt the data to prevent the data from being stolen in the middle;

(3) Maintain the integrity of the data to ensure that the data in the transmission process is not changed.

An SSL certificate is a digital certificate, similar to an electronic copy of a driver's license, passport, and business license. The SSL certificate creates an SSL secure channel between the client browser and the Web server.

An SSL certificate includes a public key and a private key. The public key is used to encrypt information, and the private key is used to decrypt information.

For an idea of how SSL works, see Figure 1:

Figure 1. The workings of SSL