[email protected] (scott Ford) writes: > Bravo Phil and Tim from IBM. In my experience with NYC Stock Exchange > and too many Brokerage houses to count, all of these installations had > very tight internal/ external security. Including multiple firewalls > to enter the MF domains. Once in the MF domain, the security subsystem > was tightly controlled.
as part of our IBM HA/CMP product https://www.ibm.com/developerworks/aix/library/au-hacmpcheatsheet/ ... we had meetings with SIAC at their offices in wtc https://en.wikipedia.org/wiki/Securities_Industry_Automation_Corporation The Securities Industry Automation Corporation (SIAC) is a subsidiary of the NYSE Euronext. Its purpose is to provide technical services for the exchanges themselves, members and other financial institutions. In this role, SIAC provides the computers and other systems required to run the exchanges. It also owns communication lines and hardware to provide real-time quotes and transaction information to all market participants from the Consolidated Tape/Ticker System (CTS), Consolidated Quotation System (CQS), and Options Price Reporting Authority (OPRA). ... snip ... this was before https://en.wikipedia.org/wiki/1993_World_Trade_Center_bombing note HA/CMP effort included handling attacks, not just failure modes. It was in this period that I also coined the term disaster servivability and geographic servivability. I was also asked to write section for the corporate stratetegic continuous availability document. However, the section got pulled because both the rochester people (as/400) and pok people (mainframe) said they could meet the requirements. some past posts http://www.garlic.com/~lynn/submain.html#available posts in this thread: http://www.garlic.com/~lynn/2017c.html#60 [EXTERNAL] ComputerWorld Says: Cobol plays major role in U.S. government breaches http://www.garlic.com/~lynn/2017c.html#61 [EXTERNAL] ComputerWorld Says: Cobol plays major role in U.S. government breaches http://www.garlic.com/~lynn/2017c.html#67 Cobol plays major role in U.S. government breaches http://www.garlic.com/~lynn/2017c.html#69 ComputerWorld Says: Cobol plays major role in U.S. government breaches http://www.garlic.com/~lynn/2017c.html#70 ComputerWorld Says: Cobol plays major role in U.S. government breaches http://www.garlic.com/~lynn/2017c.html#71 ComputerWorld Says: Cobol plays major role in U.S. government breaches http://www.garlic.com/~lynn/2017c.html#75 ComputerWorld Says: Cobol plays major role in U.S. government breaches http://www.garlic.com/~lynn/2017c.html#76 Cobol plays major role in U.S. government breaches after leaving IBM, one of the first things was being brought in as consultants to small client/server startup that wanted to do payment trasnactions on their server, the startup at also invented this technology called "SSL" they wanted to use, it is now frequently called "electronic commerce". I had complete authority over the webserver to payment networks ... which included huge amount of firewalls and HA redundancy (including geographic survivability). However, I could only make recommendations on the client/server side ... some of which were almost immediately violated, that continue to account for some number of exploits. later at financial industry infrastructure protection meetings, securities industry participation were some of the most difficult https://fas.org/irp/offdocs/pdd/pdd-63.htm securities industry was amoung the most insistant on the FS/ISAC not be government operation and therefor subject to FOIA ... concern that public might become aware of some of the things that go on. https://www.fsisac.com/ -- virtualization experience starting Jan1968, online at home since Mar1970 ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
