Replacement SSN (RSN). Overview July 21, 2008. Presentation Overview. Part I -The Problem What problem is being addressed? How does the service solve the problem? Part II - How to use the RSN Service Convert your database Invoke the RSN Service as a Web Service
July 21, 2008
True SSNs are maintained by UC in:
Recent Security Breaches have demonstrated that it’s “when” not “if” one of these systems are compromised. Many interface files contain full campus rosters of PII.
existing files (or unloaded tables) to RSN
How to use the RSN Service
RACF provides the authorization ID associated with the certificate presented by the requester
RSN / SSN mapping is encrypted at rest
A request for SSN lookup using RSN that is not found results in +100 return code and a strike against the requester. Once a requester exceeds his allotted number of strikes further access to denied.
All Web Service requests use SSL. The LUW server or CICS region hosting the requesting application must have an X.509 certificate.
RACF authorization ID of batch job submitter is the userid under which the RSN Service CICS transaction runs. The requester passes an application key (which identifies the application) with the request.
Once authenticated all requests for an RSN lookup using SSN are honored.