#Security

At the end of this year support for OpenSSL 1.0.1 will end. InterSystems has started the process to move to OpenSSL 1.0.2 and use the 1/28/2016 release (1.0.2f) for verification and product inclusion. I will update this post once InterSystems  decided which versions will receive  support for OpenSSL 1.0.2.

I need to perform additional checks before Cache user logins (let's say in a terminal for simplicity) and allow access only to those, who passed them. How do I do it?

In preparation for a presentation I need a  real-world LDAP schema that has been customized a bit beyond the basics.   Perferably this would be based on an OpenLDAP system which would make it easier to merge into this presentation. 

If you have such a schema you would be willing to share please respond or contact my directly at Rich.Taylor@InterSystems.com

Thanks in advance.

Rich Taylor

I'm interested in different approaches on how to store user data in Caché. I'm assuming that application uses Caché security/Caché users and not a self-made authentication system.

Several approaches, I'm familiar with:

There seems to be little point to journal audit db updates; why rollback an audit entry for an attempted update?

I’m working on some auditing code and I have a few questions (feel free to respond regarding 2016.1 or later).

1. I’ve noticed that there is little point of journaling updates to an audit database, as the Audit log is essentially an additional journal. Is there any reason not to disable journaling for audit log updates?
2. I’d like to audit even transactions that get rolled back, preferably with information that the rollback occurred (this could be a second audit entry).

Introduction

If the administrators responsible for securing applications had their way, passwords would be long complex strings of random symbols, and users would memorize different passwords for every application they use. But in the real world, few people are capable of such prodigious feats of memory. The typical user can only remember a handful of relatively short passwords.

That’s why an increasing number of applications are requiring two-factor authentication.

Using Intel® Advanced Encryption Standard New Instructions with InterSystems Caché Substantially Improves Encryption Performance and Reduces Computational Overhead

Executive Summary

Financial services companies have an ever-growing need to encrypt databases containing sensitive customer and trade data. However, using encryption on these databases can require significant computational resources, potentially impacting trading latencies.

Introduction

In today's world, an ever-increasing number of purchases and payments are being made by credit card. Although merchants and service providers who accept credit cards have an obligation to protect customers' sensitive information, the software solutions they use may not support "best practices" for securing credit card information. To help combat this issue, a security standard for credit card information has been developed and is being widely adopted.The Payment Card Industry (PCI) Data Security Standard (DSS) is a set of guidelines for securely handling credit card information.