The following terms and abbreviations are used in the Entire Net-Work documentation with a meaning particular to Entire Net-Work. Terms not defined here are either general Software AG Adabas or Entire Net-Work terms or other data processing terms or abbreviations defined in the appropriate documentation.
A direct TCP/IP link to Adabas UES-enabled databases from web-based applications such as Software AG's Jadabas.
The process of determining whether something is truly authentic (what it declares itself to be). Using digital signatures, the partners in a conversation (client and server) can be authenticated. The purpose of a digital signature is to authenticate the identity of the individual sending the message using a private key to sign the message and a public key to verify the signed message.
Do not confuse authentication with authorization; authentication occurs before authorization (although they may appear to happen simultaneously).
The process of determining whether a user has permission to do something on a system. Permission to access or use a system resource is established by a system administrator using whatever authorization software is installed at the site (for example, RACF).
By the time authorization is determined, the user has already been authenticated.
An organization in a network that issues and verifies digital certificates and provides public and private keys for encryption and authentication.
When a request for a digital certificate is received, the certificate authority can (but is not required to) verify the request with a registration authority. If the request is valid, the certificate authority issues a certificate.
Various organizations, such as VeriSign, act as external certificate authorities for other companies and supply keys for authentication and encryption as requested by their clients. You can use an external certificate authority to provide your keys or, for testing only, you can use the open source SSL Toolkit, provided with Encryption for Entire Net-Work, to become your own certificate authority.
Communications between legacy Software AG clients and servers. Legacy client technologies include Natural applications, Entire Net-Work nodes running version 2.6 or below for Workstations or Entire Net-Work version 2.1.1 for UNIX, Adabas databases of version 7 or above for mainframes, and Adabas databases of version 3.2 and below for open systems.
A connection with an Entire Net-Work 2 for open systems node, an Entire Net-Work 3 for OpenVMS node, or with an Entire Net-Work 6 (mainframe) node that does not have the Simple Connection line driver installed.
A client configuration provides settings that define how a client should operate in the network. Each configuration includes settings for:
The Software AG Directory Server that should be used by the client in its attempts to work with Adabas databases.
The databases that should be included or excluded for use by the client.
Specific database access definitions for the client, including any additional access parameters that should be used.
XTS (communication service) and ADALNK trace levels used for the client.
Any user exit used for the client.
For more information, read About Client Configurations, in the Entire Net-Work LUW Administration Guide.
Client configuration settings are stored in an Entire Net-Work Client configuration file. When you first install Entire Net-Work Client, a default client configuration (named "default") is already defined and can be maintained. When a client configuration is added to the System Management Hub (SMH), a new Entire Net-Work Client configuration file is created to contain the settings for that configuration. When a client configuration is deleted from SMH, its associated Entire Net-Work Client configuration file is also deleted.
Each target maintains a queue of commands (or messages) into which the router places user requests. The target calls ADAMPM to build and maintain the queue.
Generic name for the Entire Net-Work task. It describes any process using intermachine communication allowing transparent access to remote targets.
A message created by an Entire Net-Work component and sent to another Entire Net-Work component, and typically performing a function within Entire Net-Work. Such messages normally are not seen outside Entire Net-Work.
The process of converting encrypted data from ciphertext into its original form using a decryption key.
A certificate issued by a certificate authority that establishes the credentials of a resource. Digital certificates contain such information as a name, serial number, expiration dates, the certificate holder’s public key to use for encryption, and the digital signature of the certificate authority itself (so a recipient can verify that the digital certificate is authentic).
Digital certificates can be stored in registries managed by registered authorities. This allows users to determine the public keys of other users.
An electronic signature used in authentication exclusively. A digital signature verifies the identities of a message sender or document signer and can be used to ensure that the original content of the message or document is unchanged. It is not necessarily encrypted. Digital signatures are used in digital certificates to verify the identity of the certificate authority.
Entire Net-Work 7 uses the information stored in a Software AG Transport Subsystem Directory Server to send and receive messages from the client to the server and back. The Directory Server contains an entry for each node and database in the network. The entry is a URL (Uniform Resource Locator), which defines the address of the node.
Directory Administration is performed using the System Management Hub. The Directory Administration function allows you to define Flat File server directories and populate these directories with entries that identify the address of each target in your network.
A database that can communicate with an Entire Net-Work 7 client without the use of an intermediate Entire Net-Work 7 Kernel. On the mainframe, it is a database that communicates via the ADATCP component or the Simple Connection Line Driver (TCPX line driver) component provided with Entire Net-Work 6 (or later).
Any Adabas client application that uses the Entire Net-Work 7 e-business model and its associated message protocol and Directory Server entries to access Adabas databases. Hence, all of the following applications are or can be e-business clients:
Jadabas client applications
Natural applications
Tamino applications
Adabas SQL Gateway applications
Any 3-GL user-written application that makes the Adabas() call.
A new message protocol (referred to internally as the A1 protocol). This protocol minimizes overhead and reduces the system processing load, thus increasing the speed of message transmission. It is one-third the size of the classic Remote Database Architecture (RDA) protocol used in classic Entire Net-Work 2 installations.
The new Entire Net-Work 7 model which does not require that an Entire Net-Work Kernel be installed on the client system, uses Directory Server entries to locate Adabas databases, and uses the new e-business transport protocol.
The process of converting data into ciphertext using an encryption key. The ciphertext produced cannot be easily understood without access to a corresponding decryption key.
In z/VM environments, the boundaries between interregion and intermachine communication are less distinct. As a result, an IUCV link can communicate directly between the ID Table Manager node and any virtual machine on the same system. This link is called a "group link".
The machine on which an Entire Net-Work node is running. There may be several nodes on one host. In z/OS environments, a host may have several logical partitions (LPARs) which are virtual systems on the same machine.
A commonly addressable table containing information about all currently active targets on the node.
Kernels are central to Entire Net-Work processing and are required for remote access to local databases or remote “Classic” nodes. Entire Net-Work clients do not require a local Kernel, but communicate directly with a remote Kernel, which converts between "Classic" and "e-business" clients and databases. The Kernel also maintains Directory Server target database entries so that "e-business" clients can reach those databases.
More than one Kernel may exist in your enterprise, however, normally only one Kernel is required per computer. A Kernel must be installed on each machine on which a database resides if you want Entire Net-Work clients to reach it.
A Kernel configuration provides settings that define how an Entire Net-Work Kernel should operate in the network. Each configuration includes settings for the Kernel such as:
The databases that should be included or excluded for use by the client.
The location of any Kernel log files.
XTS (communication service) and ADALNK trace levels used for the client.
Any user exit used for the Kernel.
Kernel configuration settings are stored in a Kernel configuration file.
Kernel configuration settings are stored in a Kernel configuration file. When a Kernel is added to an Entire Net-Work Server, a new Kernel configuration file is created to contain the settings for that configuration. When a Kernel configuration is deleted from SMH, its associated configuration file is also deleted.
Kernel configuration files have names in the format name.KERNEL, where name is the name you assign the Kernel definition when you add it.
A value applied, using an encryption algorithm, to data to produce encrypted data or to decrypt encrypted text. Encryption keys produce encrypted data; decryption keys produce decrypted data.
Two kinds of keys are generally used in a PKI (public key infrastructure): public keys and private keys.
The access method-dependent part of Entire Net-Work. During initialization, each node dynamically loads one line driver for each access method that the node uses.
A communications connection between two adjacent Entire Net-Work nodes. The link performs the low-level protocols for the connected line drivers.
A sequence of characters, normally comprising control information and a body, that is transferred between two network entities. In Entire Net-Work, messages are classified as either control or payload (user request) messages and are sent from node to node.
A link that is coded with parameter values that serve as default values for many partners, eliminating the need to code one LINK statement for each partner. As each partner connects, new control blocks are allocated and initialized from the model link.
A real or virtual processor running a multitasking operating system as defined by an Entire Net-Work NODE statement. There is one node per router as a communicator. In Entire Net-Work LUW environments, a node is called a Kernel (the Kernel name is the name of the node).
Node names must be one to eight characters long; in Entire Net-Work LUW environments, node (Kernel) names are case-sensitive. In addition, node names should be unique, especially if they use the same Software AG Directory Server.
The sequence of links and nodes between the originating and target node of a message. Multiple paths between originating and target nodes may exist, in which case, Entire Net-Work selects the shortest path to transmit a message.
An encryption key that is known only to the parties exchanging secret messages. Private keys are derived from public keys and are produced at the same time as the corresponding public key.
Private keys are only given to the requesting party and are not shared or sent across the Internet, nor are they stored in the registries managed by registered authorities. You cannot determine the private key of a party by querying a certificate authority.
An encryption key provided by a designated authority, such as a certificate authority.
Public keys are public and can be sent across the Internet. They are stored in digital certificates. You can determine the public key of any party by querying a certificate authority.
An infrastructure that makes use of public and private key pairs as well as a certificate authority to allow users to securely and privately share data across the Internet (or other unsecured public network).
Used together (asymmetric cryptography), public keys and private keys can be used to encrypt data, messages, and digital signatures. The data encrypted with one key can be decrypted with the other key.
When data or a message is encrypted, the receiver’s public key is used for the encryption, but the receiver’s private key is used for decryption.
When a digital signature is encrypted, the sender’s private key is used for the encryption, but the sender’s public key is used for decryption.
An organization in a network that verifies user requests for a digital certificate.
Any node through that a message passes on its way from the originating node to the target node.
Data returned in answer to a request from a user. Depending on the application protocol, a request may not result in a reply; however, the current Entire Net-Work protocol always provides a reply to a request, and allows requesters not identified as targets (that is, not independently addressable in the network) to receive data in the form of replies.
An amount of data presented to the router for transmission to a target. If necessary, transmission is performed through a communicator. In the current Entire Net-Work protocol, requests always result in replies. An Adabas command is an example of a request.
Each communicator maintains a queue into which the router places user requests to be transmitted to targets on other nodes. The communicator calls ADAMPM to build and maintain the queue. A communicator's request queue is equivalent to a database target's command queue.
The main routine responsible for interregion communication. The router is called by ADALNK and by targets via ADAMPM. One router handles all interregion requests on a single node, maintaining the ID table of all active targets on that node. It closely interacts with the Entire Net-Work communicator to permit intermachine communication as a logical extension of interregion communication.
In z/OS and z/VSE environments, the router is the Adabas SVC; in BS2000 environments, the router is located in common memory.
A standard protocol used to manage the security of message transmissions in an open communications network, such as the Internet. Both authentication and encryption are supported through SSL.
SSL uses TCP/IP for its physical communications. In addition, SSL uses public and private key encryption for both authentication and data encryption keys.
A target. Targets typically perform service functions for the callers, and are therefore also referred to as "services" or "service systems".
A message sequence between two tasks, typically a user and a target. The concept of a session is confined to the tasks themselves; Entire Net-Work processes requests as required, and does not use a session concept when handling data traffic.
For testing purposes only, the open source SSL Toolkit, provided with Encryption for Entire Net-Work, allows you to create your own certificate authority (CA) and certificates for C code. It is available in Windows environments only. If you need assistance with setting up SSL support for Entire Net-Work, consider using the SSL Toolkit for testing purposes, available from Software AG. For more information, read Using the SSL Toolkit in the Encryption for Entire Net-Work User's Guide, available from your Software AG support representative.
Note:
Due to export restrictions, the SSL Toolkit is not included on the
installation CD. If you plan to use SSL in your enterprise and want to use the
SSL Toolkit, please contact your Software AG support
representative.
The System Management Hub (SMH) is Software AG's multi-platform environment for the unified management of Software AG products. It is also known as the Adabas Manager. SMH provides a graphical user interface (GUI) that allows you to enter the information necessary to define your Entire Net-Work connections. It also allows you to monitor and administer the network from any web browser by displaying statistics about network activity. For more information, see the section About the System Management Hub in the Entire Net-Work LUW Administration Guide.
A process that has identified itself to the router as being ready to accept requests. Each target maintains a command queue, and calls ADAMPM to communicate. An Adabas nucleus is an example of a target. In an Entire Net-Work environment, all targets are known to all communicators.
A program that sends requests to targets and processes the replies. An Adabas user program is a typical example. A user that is also a target can also receive requests; otherwise, a user receives only replies. A user communicates using ADALNK and the router, and can be any program including Adabas.
A product version is identified by the first two digits of the versioning number. Software AG distinguishes between major and minor versions according to the amount of functionality or technology added to the product. All other digits indicate correction levels.
In the product documentation, the notation "vr SP s", vrs, vr, or simply v is often used as a placeholder for the current product version, for example, in data set or module names.
Placeholder | Meaning | Definition |
---|---|---|
v | version | Major Version
The first digit of the product version number indicates major architecture and functionality implementation or enhancement that adds value to the product. |
r | release | Minor Version
The second digit of the version number indicates functionality addition or enhancement that adds value to the product. |
s | service pack number | Correction Level
Correction levels contain error corrections only, without new functionality, including documentation of all modifications and repairs. In case it is necessary to include functional changes into a correction level, an exception handling process ensures that corresponding quality assurance activities are triggered. These functional changes are documented. The main target is to avoid impacts when you install such a correction level. The third number of an Entire Net-Work version denotes the system maintenance level. On certain platforms supported by Entire Net-Work, additional levels may exist, such as update package, patch level, service pack and hot fix. |