Security standards

CICS® complies with the following standards for security processing.

Table 1. Security standards
Standard	CICS support
6.16.2 SAML 6.3 Support for SAML using the CICS Security Token Service is removed as of CICS TS 6.3.	SAMLCore1.1 and SAMLCore2.0 standards. CICS does not support the protocols that are described in those standards. It does not support SAMLCore 1.0.
6.16.2 Web Services Security: SOAP Message Security 6.3 Support for signing and encrypting SOAP messages for the WS-Security feature is removed as of CICS TS 6.3.	Conditionally complies with: SOAP Message Security UsernameToken Profile 1.0 X.509 Certificate Token Profile 1.0
Web Services Trust Language	CICS supports only WS-Trust 1.2, which is the February 2005 version of the specification..
National Institute of Standards and Technology (NIST) SP800-131A	You can make your system SP800-131A conformant by configuring CICS to use suitable cipher suites and certificates.
FIPS 140-2	CICS supports the FIPS140-2 standard for cryptographic modules.
TLS support	CICS supports the Transport Layer Security (TLS) protocol that supersedes the Secure Sockets Layer (SSL) protocol that provides support in CICS for TLS 1.1 to TLS 1.3.
Compliance data collection (PCI-DSS)	CICS supports PCI-DSS (Payment Card Industry Data Security Standard).