SNA LU 6.2 security services

SNA LU 6.2 offers session level cryptography, session level authentication, and conversation level authentication.

Note: This collection of topics assumes that we have a basic understanding of Systems Network Architecture (SNA). The other documentation referred to in this section contains a brief introduction to the relevant concepts and terminology. If you require a more comprehensive technical introduction to SNA, see Systems Network Architecture Technical Overview, GC30-3073. SNA LU 6.2 provides three security services:

• Session level cryptography
• Session level authentication
• Conversation level authentication

For session level cryptography and session level authentication, SNA uses the Data Encryption Standard (DES) algorithm. The DES algorithm is a block cipher algorithm, which uses a symmetric key for encrypting and decrypting data. Both the block and the key are 8 bytes in length.

• Session level cryptography
  Session level cryptography encrypts and decrypts session data using the DES algorithm. It can therefore be used to provide a link level confidentiality service on SNA LU 6.2 channels.
• Session level authentication
  Session level authentication is a session level security protocol that enables two LUs to authenticate each other while they are activating a session. It is also known as LU-LU verification.
• Conversation level authentication
  When a local TP attempts to allocate a conversation with a partner TP, the local LU sends an attach request to the partner LU, asking it to attach the partner TP. Under certain circumstances, the attach request can contain security information, which the partner LU can use to authenticate the local TP. This is known as conversation level authentication, or end user verification.

Parent topic: Channel authorization