Support for security protocols
CICS® supports the Secure Sockets Layer and Transport Layer Security protocols.
Specifically, CICS supports
TLS 1.0, TLS 1.1, and TLS 1.2. For more details of these protocols,
see the relevant RFC:
- TLS 1.0: RFC 2246
- TLS 1.1: RFC 4346
- TLS 1.2: RFC 5246
Note: The term SSL is used to refer to both the Secure Sockets Layer
and Transport Layer Security protocols in the documentation, except
where a specific point about either protocol is required.
The main features of these security protocols are:
- Privacy
- The data to be exchanged between the client and the server is encrypted. See SSL encryption for more information.
- Integrity
- Data which is transmitted using the SSL protocols is protected against tampering by a message authentication code (MAC). The MAC is computed from the data contents using a secure hashing algorithm and transmitted with the data. It is computed again by the receiver, and compared with the value transmitted by the sender. A mismatch between the two values of the MAC indicates that the data may have been tampered with.
- Authentication
- SSL uses digital certificates to authenticate servers to clients and, optionally, clients to servers.