University of Utah
Administrative Computing Services

ACS News, Fall 1995

Contents	ACS News
NET3270--Encrypted Mainframe Connectivity What is Data Encryption? ACS Welcomes New Manager, Data Analyst Mainframe-to-Network Printing Intro to the World Wide Web ACS Web Update	Technical Writer: Teri A. Olsen Reviewers: Diane de Souza, Leonard Romney, ACS Staff ACS Help Desk: 581-3323, 150 Park Building

Encrypted Mainframe Connectivity Now Available

Until now, the most secure way to access the mainframe using your PC has been from a secure network. And for those of you on open networks, the Multisync Card provides an extra (although cumbersome) level of security. But even with these two secure methods, the data transmitted between your computer and the mainframe is not encrypted. This means that if someone had the desire, the tools, and the expertise, they could "trap" and read your data.

To prevent or minimize the trapping of data, encryption techniques can be employed. ACS has been studying and testing tools to provide encryption functionality for mainframe connections and has selected the Network 3270 Workstation Program (NET3270) by McGill University Systems Inc. We have purchased a site license and are offering free use of the program for campus mainframe users. The product runs on Novell networks only; it is available for either DOS or Windows. Some reasons you may want to switch to NET3270 include:

The software is free to ACS customers.
You don't have to use a Multisync Card (please return the one you have to ACS).
You can access data, like payroll information, that has previously been restricted to secure networks. (You must also have the proper authorization.)
There is no port charge.
You do not need to enter your User ID and mainframe password twice like you do with TCP3270.
There are no ACS network certification requirements.
You can access the mainframe from any Novell-enabled network on campus.
TCP/IP is not required (NET3270 uses Novell's IPX/SPX).

Like existing emulation packages, NET3270 supports multiple sessions and file transfer functions. The program does require some storage space on your PC.

If you would like to switch to NET3270, contact your network manager. All Novell network managers have already received notice via email about obtaining and setting up NET3270 for their users. Your network manager will install the software on your PC, bring you up to speed on how to use it, and decide how your encryption password will be handled.

If you have questions about NET3270 that your network manager cannot answer, call the ACS Help Desk at 581-3323.

What is Data Encryption?

Encrypted data is data that many people may have the ability to see (in encoded form), but only selected people can understand or use (decode). Once the tool of the military and diplomats, data encryption is important to anyone dealing with private information on a computer, especially a computer linked to a Local Area Network (LAN) or the Internet.

Encryption is a process that changes the letters and numbers of plain text into other letters and numbers in such a way that the message becomes unreadable. For example, you could apply a simple encryption by shifting letters of the alphabet five places forward:

A	B	C	D	E	F	G	H	I	J	K	(etc.)
F	G	H	I	J	K	L	M	N	O	P	(etc.)

The message "I am here" becomes "N fr mjwj." The decryption process would entail shifting the letters five places backward. This is a simple encryption algorithm, which could easily be deciphered. Obviously, real-world encryption algorithms are much more complex and not easily compromised.

There are two general types of encryption methods: conventional and public-key. The encryption described above is an example of conventional, or single-key encryption: there is one key (in this example the key is 5), an encryption algorithm (shift to right), and a closely related decryption algorithm (shift to left).

Conventional encryption is effective in cases where data or text is being stored on a file server, and you do not want others to be able to view it. The encrypted text is stored on disk and then decrypted after being read back to the originating computer.

If a single-key encrypted message is sent from one person/network to another, the key must be sent along with the message so the recipient's computer can decode it. If the message is intercepted, so is the key, thus the privacy of the data is compromised. So, for data transmitted between two separate people/networks, a method called public-key encryption is used.

With public-key encryption, there are two keys: one used to encode the message, and a different one used to decode the message.

Before the message is sent, the receiver gives the sender a public key to use for encoding the message. The receiver also has a private key, which remains on the receiver's own computer, that works in conjunction with the public key to decode the message after it arrives. The sender encodes the data and transmits it, along with the public key. Since the public key is useless by itself, the data will not be compromised if intercepted. After the data is received, the receiver applies the private key and decodes the message.

The NET3270 software now available for the IBM mainframe uses public-key encryption.

This article was contributed by Neil Simmons, a U student majoring in Computer Science.

ACS Welcomes New Manager, Data Analyst

In July, Joe Taylor joined the ACS Staff as Assistant Director for Information Management. Joe comes to the U from Thiokol, where he spent several years working on the implementation of Manufacturing Resource Planning and Shop Floor Control systems. Joe will be managing the Information Management group of ACS, which includes Database Administrators, Data Analysts, Quality Assurance, Help Desk, and Security. The Assistant Director position was previously held by Diane de Souza, who is now the acting Director of ACS.

At the end of August, Sam Kievit joined the Information Management group as a Data Analyst. Most recently, Sam taught graduate and undergraduate management information systems classes. She has also worked as a budget analyst and has experience in enrollment planning. Sam's assignments will include working on the Institutional Database with responsibility for Budget and Telecommunications data.

Mainframe-to-Network Printing

Instead of picking up your TSO print job from the basement of the Park Building, why not route it to your local network printer? There are only two things you need to know:

Does your output contain plain text only, or does it have special fonts and graphics? Most print jobs are plain text and can be printed on virtually any printer. If the job has special fonts or graphics, it can be printed only on printers that support postscript (a printer language). For postscript printing, check with your programmer to make sure the job can be routed to your network printer.

What is the name assigned to your local printer for mainframe printing? This name, also referred to as the form name, is a combination of up to seven letters and numbers. Ask your network manager what the mainframe printer/form name is for the printer in your area.

Network Managers: All it takes to set up your network printer for mainframe printing is a quick call to the ACS Help Desk at 581-3323. Be prepared to give them your printer's logical server and queue name, and let them know if the printer supports postscript. After asking you a few more questions, Help Desk staff will setup your printer, and your users can immediate begin redirecting mainframe jobs.

Be aware that, unlike data transferred to and from the mainframe using NET3270, print jobs are not encrypted (see article on encryption in this newsletter). You may not want to re-route print jobs that contain sensitive data.

To route a job that has been submitted:

Locate your job in the output queue.

Tab to the Class column and enter T for text or P for postscript.

Tab to the FORMS column and enter the printer/form name of the network printer.

Tab to DEST ination and overwrite the existing entry with LPR (which stands for Line PRinter).

Press the ENTER key once. The message "Command Issued" will appear in the upper right corner. Press ENTER again; the Class, Form, and Destination you entered will appear on the job line. (If you want to, you can press ENTER periodically until the job disappears from the queue, which means the job is complete and should be ready at your printer.)

If the procedure fails, check the "Held" queue and make sure the job output is not held. If the job is being held, scroll down to the NP column on the far left and type an O to release the job, then, if necessary, repeat the steps above. If there is a mainframe job that needs to print on your network printer every time it runs, you can automate the procedure by adding this statement to your JCL:

     DD SYSOUT=(c,,prtname),DEST=lpr

where c=the Class, which will be T for text or P for postscript, and prtname=the name of your network printer (the seven-character name assigned by your network manager).

In addition to routing TSO print jobs, some of the new CICS applications, like the Financial Aid System, will enable printing to local network printers. This feature is system dependent, and instructions will be included in each system's user manual or help text.

Intro to the World Wide Web

The World Wide Web, also known as the web or WWW, is a collection of documents on the Internet that contain formatted text, graphics, and audio/video clips. The documents also contain hypertext links to other documents, allowing you one-click access to a myriad of information. If you are familiar with gopher, you can think of the web as a multimedia version of gopher. However, unlike gopher, you need special software on your PC called a browser to view web documents.

Most networks on campus are attached to the Internet, and thus have access to web documents. The most common browsers are Netscape and Mosaic. Lynx is another popular text-only browser; it does not support graphics, but it is useful for home computers with slow modems that access the web through dial-up accounts. Check with your network manager or department computer person for help using your browser.

When you startup your web browser, the program retrieves a default home page--a starting point. For most campus users, the default home page is the University of Utah's home page, which contains a picture of the Park Building.

You can go to other documents by clicking on hyperlinks. As you move the cursor around the page, the arrow pointer will change to a hand or other type of pointer as it passes over a link. The address of the link will also be displayed somewhere on the screen. Links can be words or phrases, which are usually displayed in a different color and are underlined, or they can be pictures. On the U of U home page, if you click on Computer Help and Information, you will go to a page that contains information about computer services on and off-campus, as well as links to other documents.

The Back and Forward keys at the top of the screen will move you back and forward through the pages you have viewed.

If you want to go to a specific document, you can also use the File/Open feature of your browser and enter the Uniform Resource Locator (URL). For example, this is the URL for the University of Utah's home page:

To learn more about the web, do some exploring! The web is full of information about itself. The Computer Center also offers introductory classes to the web in its short course series (see http://www.cc.utah.edu).

This article was contributed by Neil Simmons, a U student majoring in Computer Science.

ACS Web Update

The University Class Schedule is online! Students can view information about classes and up-to-date seating availability. Changes made since the printed schedules were issued are also included, as are the general catalog course descriptions. From the U of U Home Page (http://www.utah.edu), select Student Information, then Class Schedule & Student Records.

ACS it taking the mainframe-to-network printing concept one step further. A web application currently being developed will enable you to view the contents of your mainframe printout online. You can also download the printouts to your PC and process with your PC application or print on your own printer. This web application should be available before the end of the year.

The recent Guide to Mainframe Computing handout series is in the process of being transformed into web documents. Also being compiled is an index of handout topics and newsletter articles. The index will be linked to new web documents and to newsletters that already exist on gopher. From the U of U Home Page, select Computer Help and Information, then ACS Help.

Posted April 10, 1996
For a hard copy of this issue, email Teri Olsen at tolsen@acs.utah.edu.
Send comments or questions to ACS Webmaster.