Sumant Renukarya 270002B42N Visits (1927)
If there is a need to know the cipher used by CLM applications or RTC and the level of encryption used for web-clients, this blog should be of some help.
Cipher refers to the algorithm used for performing encryption and decryption of the data.
Generally, SSL (Secure Socket Layer) is used for data encryption, decryption and transmission using certificates or smart cards. However, this also depends on the kind of Application server being used. Based on the kind of application server in use, the respective product documentation should have the details on the cipher used.
Websphere Application Server, Apache Tomcat
a. For Internet Explorer, login to RTC and then right click on the web-page --> Properties;
b. For Firefox web-browser, if one hovers and clicks on the padlock symbol prior to URI in the address bar, say before https: //ho
So, if the RTC/CLM installation is based on Websphere Application Server (v7.0), the site supports a minimum cipher strength of 168 bit encryption. This, can be confirmed by looking into the properties for ccm application web-page and the application server documentation.
By default, using the Apache Tomcat application server the site supports a minimum cipher strenght of 128 bit encr
The cipher indicates that the data is encrypted between the Internet browser and the Server. It doesn’t encrypt the data on the database itself.
This is what is behind the HTTPS protocol and is managed by the Application server. RTC is only an application installed on top of Jazz, which is installed on WebSphere.
Here is the link for the WebSphere v 7.0 documentation - About "TLS 1.0, 3DES with 168 bit encryption (High)". This explains SSL Version 3 and TLS Version 1.0 cipher specifications: http
mquimby 060001FAVB Visits (2119)
A new white paper is available that covers security testing for your Rational Application Developer applications!
Abstract: This white paper focuses on the integration of IBM Rational Application Developer (RAD) and IBM Security AppScan Source Edition with Developer plug-in. The article provides insight on Rational Application Developer, Security AppScan Source, and the integration. The article covers how install the Security AppScan Source Developer plug-in and use the integration with Rational Application Developer.
Released: July 19, 2012
New white paper Released: How to implement access restrictions to your EA Artifacts using Rational System Architect Catalog Manager
AcdntlPoet 2700019V2G Visits (3964)
Hot off the presses, a new whitepaper for Rational System Architect:
Abstract: This white paper provides you with information on how to implement access restrictions to your Enterprise Architecture (EA) Artifacts using IBM Rational System Architect Catalog Manager.
Released: August 1, 2011
Author: Mirtunjay Sharma
AcdntlPoet 2700019V2G Visits (3103)
Join us June 2, at 2pm EDT for this great webcast - Building mobile applications with quality and testing. Learn ways to reduce the cost and complexity of testing mobile applications and help to ensure data security and reliability.
Presented by Leigh Williamson (Distinguished Engineer, Rational Software CTO Team) and moderated by Chris Ruoff (Senior Manager for Sales and Channel Development), this free webcast will discuss ways to reduce the cost and complexity of testing mobile applications, and also examine how static and dynamic analysis of the applications can help to ensure data security and reliability.
This free webcast is brought to you through a collaboration between IBM and the IEEE Computer Society. Register now to get your seat!
AcdntlPoet 2700019V2G Visits (1858)
There are two solutions in the form of fixes and/or manual workarounds that will resolve the issue. The safer solution is to apply the fix for each named product as directed in the flash above. These solutions should be implemented immediately.