In-memory mirror caching  Chapter 3: New features in EAServer 5.1

Chapter 2: New features in EAServer 5.2

FIPS and TLS support

EAServer 5.2 supports FIPS and TLS security enhancements.

The National Institute of Standards and Technology (NIST) develops standards and guidelines for such things as security and interoperability for federal computer systems. These guidelines are called the Federal Information Processing Standards (FIPS).

EAServer uses a cryptographic module to perform encryption and decryption, signing and verification, computing a checksum (or MAC) of data, and protecting security-sensitive data. These operations are invoked by the Transport Layer Security (TLS) runtime, a software implementation of a PKCS #11 interface, and key management utility routines.

EAServer utilizes a FIPS 140-2-certified cryptographic module provided by Certicom Cryptographic libraries.

For more information, see these Web sites:

TLS is a protocol based on Secure Sockets Layer (SSL) that is used to establish secure connections between a client and server. TLS can authenticate both the client and the server, and create an encrypted connection between the two.

The TLS protocol addresses some of the security concerns of SSL v3. FIPS requires TLS for use with a FIPS cryptographic module.

See RFC 2246 for a complete description of TLS.

See Chapter 9, “Using TLS and FIPS in EAServer,” in the EAServer Security Administration and Programming Guide for complete information.





Copyright © 2005. Sybase Inc. All rights reserved. Chapter 3: New features in EAServer 5.1