ACL’s, Mainframes, and Government Fraud by End-Terminal Legacy System Users

mainframes are a key target for hacking and fraudulent activites on behalf of legacy system terminal users. for example, mainframes that lack ACL-based authentication and security are especially susceptible to fraud based on the operation of universal access password and concept of the adjacency of a variety of private data in medical, financial, and other security-based governmental data stores. often, audit trails are used to find and prosecute instances of this type of fraud which is based on authorized terminals misusing their authority to browse private government data. these audit trails and ALC-based authentication schemes may be missing with some terminal user populations. I co-wrote an instruction manual on mainframe middleware systems that performs online maneuvers super fast by dumping the data extracted from a mainframe and inserting into Microsoft SQL server or Oracle database system which are GUI based and much faster than single-user accounts on mainframes. as a law student, I encountered the prospect of such data tourism based on this type of access enforceable en masse through the very software I wrote describing how to program a piece of middleware software on a mainframe database. for example, a recent shooting at a federal prison in Tallahassee involving prison guards firing on and killing a secret service officer who was responding for an investigation of complaints of rape in exchange for drugs and contraband at the local federal women’s prison in Tallahassee: link to news article. the woman making the allegations was deposed in detail by the aggressor security personnel at the prison regarding the management of such complaints on the state’s mainframe system which was being accessed through a novice end-terminal account at the prison. However, a diverted attempt to organize and review such assertions was made using this type of middleware system that was then routed to the secret service officer’s location in San Diego, CA. Thus, the prospect of a fraud capability on behalf of an authenticated user of a mainframe terminal was thwarted by the advanced processing of the data entered by the security personnel at the prison. they had no knowledge that such a system existed save for the terminal they used to input and track the complaint allegation. This indicates the susceptibility of a fraud capability based on a class of authorized user accounts misappropriating and disseminating the private data they are using to notify or organize fraud on behalf of their employment status. blacks and minorities, often inept at advanced technological concepts may be unaware of the advanced auditing capability of such middleware systems. thus, judges should be briefed on the usage of middleware software to audit and prosecute illegal usage, manipulation, and distribution of such mainframe data available to authenticated employees. other possible approaches to avoiding the mass fraudulent capacity of current mainframe security models that often grant a collection or class of users a wide degree of access to private governmental data they can misappropriate and convert for their purpose including medicare & welfare fraud, monitoring of fiscal accounting data, and a host of other prospective misuses of such data that are myriad. also, the use of an ACL-based authentication scheme which has been known to be available for mainframe legacy systems can counter some of these authentication security issues. ACL’s can provide an authentication script reducible to up to one data field rather than the scrolling list type of data available from mainframes currently.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: