Security standards configurations (compliance types)
We can configure IBM Security Verify Access Base components to work with various security standards, including FIPS 140-2, SP 800-131, and Suite B. These security standards meet the information security requirements set by the government. ISAM uses cryptography in the following areas:
- To create and replace internal, self-signed certificates. These certificates are used by ISAM Runtime and Security Verify Access server to authenticate with each other.
- Secure communication between the runtime and servers.
- Secure communication to LDAP.
- Secure communication to Syslog servers.
The Security Verify Access Base components integrate cryptographic modules, which include IBM Global Security Kit (GSKit) 8, Java™ Secure Socket Extension (JSSE), and Java Cryptography Extension (JCE). Most of the requirements in the standards are handled in GSKit, JSSE, and JCE, which must undergo the certification process to meet government standards. Security Verify Access Base components must be configured to run with GSKit, JSSE, and JCE that are enabled for a particular standard.
- FIPS 140-2
The Federal Information Processing Standards (FIPS) specify federal government requirements for cryptographic modules. FIPS 140-2 is a National Institute of Standards and Technology standard.
- SP 800-131a
Special Publication 800-131a (SP 800-131a) is an information security standard of the National Institute of Standards and Technology (NIST). SP 800-131a requires longer key lengths and stronger cryptography than other standards.
- Suite B
Suite B is a security standard developed by the National Security Agency (NSA) that establishes a cryptographic interoperability strategy. Suite B is similar to SP 800-131a, but it has tighter restrictions.
- Java properties that enable the security standards
The IBM virtual machine for Java (JVM) runs in a specific security mode based on system properties.