IBM Support

Protecting data in transit with Transport Layer Security.

Technical Blog Post


Abstract

Protecting data in transit with Transport Layer Security.

Body

Author: Manisha Khond, IBM Cognitive Engagement, Watson Supply Chain

 

The primary benefit of Transport Layer Security (TLS) is the protection of web application data from unauthorized disclosure and modification while it is transmitted between clients and the server. In B2B communication, the client and the server are two trading partners.


The server validation component of TLS authenticates the server to the client. If configured to require client-side certificates, TLS can also play a role in authenticating the client to the server. TLS provides integrity guarantees and replay prevention: a TLS stream contains built-in controls that prevent tampering with any portion of the encrypted data, and further controls that prevent a captured stream of TLS data from being replayed at a later time. Note that TLS provides these guarantees to data only during transmission. It does not offer any of these security benefits to data at rest.


Transport layer protection is necessary for back-end connections and for any other connection where sensitive data is exchanged or where user identity is established. Failure to implement effective and robust transport layer security will expose sensitive data and undermine the effectiveness of any authentication or access control mechanism. You should use TLS, as SSL is no longer considered usable for security.
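The settings described above (server validation, optional client-certificate authentication, and TLS rather than SSL) can be checked in code. The following is an added example using Python's standard ssl module; it is not IBM code and not Sterling B2B Integrator configuration. The function names and the TLS 1.2 floor are assumptions made for the illustration.

```python
import ssl

def client_context():
    """Client: validate the server's chain and host name, TLS 1.2 or later."""
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx

def server_context(require_client_cert=True):
    """Server: TLS 1.2 or later, optionally demanding a client certificate."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    if require_client_cert:
        ctx.verify_mode = ssl.CERT_REQUIRED
    # A deployment would also call load_cert_chain() and load_verify_locations().
    return ctx

def weak_client_context():
    """Constructed counter-example: no peer validation, no protocol floor."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False  # must be cleared before CERT_NONE is allowed
    ctx.verify_mode = ssl.CERT_NONE
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED
    return ctx

def audit(ctx, role):
    """Return a list of findings for a context used as 'client' or 'server'."""
    findings = []
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("protocol floor below TLS 1.2")
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("server certificate not validated" if role == "client"
                        else "client certificate not required")
    if role == "client" and not ctx.check_hostname:
        findings.append("host name not checked")
    return findings

if __name__ == "__main__":
    samples = [
        ("hardened client", client_context(), "client"),
        ("mutual-TLS server", server_context(), "server"),
        ("weak client", weak_client_context(), "client"),
    ]
    for name, ctx, role in samples:
        print(f"{name}: {audit(ctx, role) or 'ok'}")
```
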

 

TLS requires access to a Public Key Infrastructure (PKI) in order to obtain certificates. Currently, IBM Sterling B2B Integrator supports TLS 1.0, TLS 1.1 and TLS 1.2. There are property settings to use TLS 1.2 only. The following functionality in IBM Sterling B2B Integrator and IBM Sterling File Gateway has TLS support.

 

| TLS support in functionality | Adapters/Services |
| --- | --- |
| Communication with Email Server | B2B Mail Client Adapter, SMTP Send Adapter |
| Execute the OS shell scripts | Command Line Adapter 2 |
| FTP | FTP Client Adapter and Services, FTP Server Adapter |
| HTTP | HTTP Client Adapters and Services, HTTP Server Adapter |
| Java Messaging Service | JMS 1.1 Acquire Connection and Session Service, JMS 1.1 Async Receive Adapter |
| TCP/IP Socket communication | Socket Client Adapter, Socket Server Adapter, Socket Connect Service |
| Communication with IBM WebSphere MQ | WebSphere MQ Suite Async Receiver Adapter |
| WebServices | SOAP Inbound Service, SOAP Outbound Service, SOAP Inbound Security Service, SOAP Outbound Security Service |
| Communication with IBM WebSphere MQ File Transfer Edition | WebSphere MQ File Transfer Edition Agent Adapter |
| Odette FTP | TLS support in Partner Profile |
| IBM Sterling File Gateway | Custom protocols |
| Connect:Direct | Connect:Direct Secure+ configuration |

 

Do you have any questions? Please contact us using the comments section.


UID

ibm11120677