Federal Information Processing Standard support
Federal Information Processing Standards (FIPS) are standards and guidelines issued by the United States National Institute of Standards and Technology (NIST) for federal government computer systems. FIPS can be enabled for WAS.
FIPS are developed when there are compelling federal government requirements for standards, such as for security and interoperability, but acceptable industry standards or solutions do not exist. Government agencies and financial institutions use these standards to ensure that the products conform to specified security requirements.
WAS integrates cryptographic modules including...
...which have undergone FIPS 140-2 certification. In the WAS documentation, the IBM JSSE and JCE modules that have undergone FIPS certification are referred to as IBMJSSEFIPS and IBMJCEFIPS.
When you enable FIPS, several components of the Application Server are affected including...
- cipher suites
- cryptographic providers
- load balancer
- caching proxy
- high availability manager
- data replication service
You can use the following IBM products with WAS and maintain a FIPS level of security compliance:
-
The DB2 Universal Database uses FIPS 140-2 approved cryptographic providers.
- Application Server Toolkit
- The Application Server Toolkit uses FIPS 140-2 approved cryptographic providers.
- IBM Tivoli Directory Server
- The IBM Tivoli Directory Server provides the Use FIPS certified implementation option, which enables the directory server to use the FIPS-certified encryption algorithms.
- WAS - Edge Component
- The caching proxy contains a directive for enabling FIPS.
- IBM WebSphere MQ
-
![[Windows]](../../windows.gif)
![[AIX HP-UX Solaris]](../../unix.gif)
When cryptography is required in an SSL channel, WebSphere MQ uses a cryptography package called IBM Crypto for C (ICC). On all the Windows and UNIX platforms that are supported by WebSphere MQ Version 6.x, the ICC software passed the FIPS 140-2 Cryptomodule Validation Program of the National Institute of Standards and Technology.
You can find more information about the Federal Information processing Standards (FIPS) on the Support Web site including recommended updates for WAS.
Related concepts
J2EE specification
Related information
Validated FIPS 140-1 and FIPS 140-2 Cryptographic ModulesInternet Security Group: Cryptography