Installation guide
“Configuring the object cache” in Chapter 4, “EJB CMP Tuning,” in the
EAServer Performance and Tuning Guide describes how to enable and
configure the object cache. The CtsComponents/ObjectCache component,
which previously provided the default implementation of the cache manager,
has been replaced by CtsComponents/JavaObjectCache.
FIPS and TLS support
EAServer 5.2 supports FIPS and TLS security enhancements.
The National Institute of Standards and Technology (NIST) develops standards
and guidelines for such things as security and interoperability for federal
computer systems. These guidelines are called the Federal Information
Processing Standards (FIPS).
EAServer uses a cryptographic module to perform encryption and decryption,
signing and verification, checksum (or MAC) computation over data, and
protection of security-sensitive data. These operations are invoked by the
Transport Layer Security (TLS) runtime, a software implementation of a
PKCS #11 interface, and key management utility routines.
EAServer utilizes a FIPS 140-2-certified cryptographic module provided by
Certicom Cryptographic libraries.
For more information, see these Web sites:
• Cryptographic Module Validation Program Web site at http://csrc.nist.gov/cryptval/ – describes the FIPS standards, contains related documents and specifications, and answers commonly asked questions.
• Certicom Security Builder Government Standard Edition (GSE) Web site at http://www.certicom.com/index.php?action=product,sbgse – describes the FIPS 140-2 certified cryptographic module that is integrated into EAServer.
• Certificate and cryptographic module information at http://csrc.nist.gov/cryptval/140-1/1401val2003.htm#351 – contains a list of certificates issued by NIST, including a copy of the Certicom certificate.
TLS is a protocol based on Secure Sockets Layer (SSL) that is used to establish
secure connections between a client and server. TLS can authenticate both the
client and the server, and create an encrypted connection between the two.