Protecting data in transit with Transport Layer Security.

Body

Author: Manisha Khond, IBM Cognitive Engagement, Watson Supply Chain

The primary benefit of Transport Layer Security is the protection of web application data from unauthorized disclosure and modification when it is transmitted between clients and the server. In the B2B communication, client and the server are two trading partners.

The server validation component of TLS provides authentication of the server to the client. If configured to require client side certificates, TLS can also play a role in client authentication to the server. TLS provides integrity guarantees and replay prevention. A TLS stream of communication contains built-in controls to prevent tampering with any portion of the encrypted data. In addition, controls are also built-in to prevent a captured stream of TLS data from being replayed at a later time. It should be noted that TLS provides the above guarantees to data during transmission. TLS does not offer any of these security benefits to data that is at rest.

Transport layer protection is necessary for back-end connections and any other connection where sensitive data is exchanged or where user identity is established. Failure to implement an effective and robust transport layer security will expose sensitive data and undermine the effectiveness of any authentication or access control mechanism. You should use TLS as SSL is no longer considered usable for security.

TLS requires access to Public Key Infrastructure (PKI) in order to obtain certificates. Currently IBM Sterling B2B Integrator supports TLS 1.0, TLS 1.1 and TLS 1.2. There are properties settings to use TLS 1.2 only. Below functionality in IBM Sterling B2B Integrator and IBM Sterling File Gateway has TLS Support.

Do you have any questions? Please contact using comments section.