Stream: Virtual Room 2
Time: 11:15 - 12:00
Any connection to begin a session on z/OS requires an 8 character userID to proceed. Traditionally this is done with a password or paraphrase. Passwords are an attack vector and also with 2FA can be a hassle to acquire so don’t work great in stateless scenarios like REST APIs. This session will show how z/OS token authentication operates alongside MFA, covering ltpa and JWT for identity propagation with email and LDAP to z/OS identities. We’ll also cover x509 certificates and show how these can be created, managed, and used for scenarios like pipelines or when public cloud servers hold the auth key. We’ll mix charts with demos and keep things moving along to educate and inform and not overcomplicate while not dumbing down this hugely important and interesting area of z/OS federated identity.
I work on open source projects around software tooling platforms. My current project is Zowe, which is part of the Linux Foundation and Open Mainframe Project where I am part of the leadership committee and an ambassador. Prior to Zowe I worked on Eclipse tooling and before that Java 2 Standard Edition. I enjoy astronomy, running, biking, piano, and in my spare time helping bring open source tooling to the mainframe computing platform for a new generation of Z heads.
Click here to give some Feedback so we can make it even better next year!