Python is the most popular language in the area of data science and widely used in combination with Db2 - especially in environments with IAS accelerators. At the same time, many large and/or security-concious environments in general no longer accept userid/password authentication for security reasons.
We therefore request the ibm_db driver to be enhanced so that it supports client certificate authentication using Smartcards.
The benefit/value is to make Db2 z/OS data and the IAS infrastructure accessible to a large community of data scientists thereby avoiding unnecessary data replications away from the Mainframe (with all the issues that come with it).
|Who would benefit from this IDEA?||Any customer using strong authentication and Db2 for z/OS with python; In particular the customers that exploit IDAA/IAS.|
|Priority Justification||Security restrictions prevent us (financial institution) from using userid/password authentication; I.e. Db2 for z/OS data - including IAS - is not available to our data scientist community, weakening the position of the Mainframe in this area heavily.|
|Client Name||Credit Suisse Services AG|
How should it work?
The ibm_db (Python) driver supports client certificate authentication in general. This support should be extended to include Smartcard certificates.
(Technical details are available in IBM support case TS003599391.)
|IBM's success depends on gathering feedback from customers like yourself. Aha Ideas Portal is the third party tool through which IBM Offering Managers gather feedback from customers such as yourself.|
|IBM is a global organization with business processes, management structures, technical systems and service provider networks that cross borders. As such, the information collected through Aha Ideas Portal (Customer Name, Customer Email Address) will be stored by them in the United States, and handled only as per IBM's instructions and policies. Your data (Name and Email Address) will NOT be shared with other IBM customers.|
|In order to safeguard your information in Aha, do not leave your workstation unattended while using this application, log off after using it, and print only if necessary. If you need to make a hardcopy, remember to pick up the print-out immediately, keep it under lock, and destroy it immediately when no longer needed.|
|NOTICE TO EU RESIDENTS: per EU Data Protection Policy, if you wish to remove your personal information from the IBM ideas portal, please login to the ideas portal using your previously registered information then change your email to "firstname.lastname@example.org" and first name to "anonymous" and last name to "anonymous". This will ensure that IBM will not send any emails to you about all idea submissions|