Web services security improved through better Mainframe SOA

DataDirect Technologies announced new capabilities within the DataDirect Shadow RTETM mainframe integration suite for optimizing Web services security, testing and development across a broad range of mainframe databases, business logic and screen-based applications.

Mainframes have a reputation for being very secure, however as enterprises expand the role of the mainframe to more fully participate in Service-Oriented Architectures (SOA), the security protocols that protect mainframe assets need updated technologies to enable them to work efficiently in the stateless environment of loosely-coupled Web services. Originally designed to support individual sign-on, mainframe security protocols, such RACF from IBM, are now required to process thousands of Web services logins per hour, creating an authentication bottleneck that slows performance and consumes expensive mainframe CPU cycles needed to support the security manager.

The DataDirect Shadow product addresses this problem with Security Optimization and Management (SOM), a unique feature within the mainframe integration suite that manages and optimizes mainframe security authentication for any process requiring authentication, such as a Web service or SQL call. The Shadow SOM feature works in conjunction with the established client and host security protocols to eliminate redundant authentication requests by caching security credentials. Furthermore, the Shadow SOM feature maintains the integrity of the security infrastructure by subscribing to updates in the security manager database. The Shadow SOM feature supports all the major enterprise security protocols, including RACF and CA’s ACF2 and Top-Secret. In benchmarks performed by DataDirect Technologies’ mainframe development lab, test results indicated an overall reduction of 138 percent in authentication overhead for more than 99.3 percent of the processes requiring security authentication.

The Shadow Studio product is an open, Eclipse-based development tool that simplifies the transformation of mainframe data, business logic or screen logic into industry standard interfaces – SOAP, SQL or XML. With the latest enhancements, the WSDL parsing and generation functions performed during the transformation of the mainframe business logic are now in the platform independent, Eclipse framework of the new Shadow Studio product. Enhancements have also been included to support both “redefines” and “occurs depending on” (ODO). Migration from previous business logic repositories has been simplified and all mainframe-based Web services can now be stored within the mainframe, making it easier for developers to share Web services.

The Shadow Studio product now includes an industry standard Web services test tool to rapidly check the operational integrity of any mainframe Web service created by the Shadow product. A developer need only to point and click their mouse at the operation or Web service to verify the transformation process has completed. The Web services tester automatically allows the user to run a series of Web services tests from a single command.

“DataDirect Technologies is committed to helping companies transform the mainframe into an industry-standard server through products that make mainframe Web services easier to develop and deploy,” said John Goodson, vice president of product operations and marketing at DataDirect Technologies. “With the new enhancements to the Shadow product, we continue to provide architects with the means to utilize mainframe technology more effectively for better alignment with their corporate SOA strategy.”

The Shadow RTE mainframe integration suite supports all the major industry-standard paradigms – Web services, direct SQL access, XML events or Web enablement – for integrating mainframe data, business logic and screens with SOA and other distributed application development initiatives.