Secure communication

ISAM supports the data integrity and data privacy provided by the Secure Socket Layer (SSL) communication protocol and the Transport Layer Security (TLS) communication protocol.

The SSL handshake protocol provides security and privacy over the Internet. SSL uses public-key cryptography for authentication and a secret key to encrypt the data that is transferred over the SSL connection.

The TLS protocol meets the Federal Information Processing Standards (FIPS) 140-2 standard. The FIPS standard describes the requirements of the United States federal government for handling sensitive, but unclassified, use of information technology products. When FIPS mode is enabled in ISAM, TLS version 1 (TLSv1) is used instead of SSL version 3 (SSLv3).

Security Verify Access generates keys and certificates with FIPS-approved operations. The client-side and server-side keys and certificates are always FIPS approved. To switch from SSL to TLS, we must change all server and remote runtime configurations. In Security Verify Access, the protocol configuration specifies the FIPS mode. When FIPS mode is enabled, it uses the TLS protocol. When FIPS mode is disabled, it uses the SSL protocol. SSL and TLS protocols cannot be mixed in an ISAM environment. Previous releases of the ISAM runtime that did not support TLS cannot communicate with a server that is enabled for FIPS.
