Technical Blog Post
Maximo support for Federal government security & accessibility standards
You may have many questions surrounding Maximo support for USGCB, FDCC, FIPS support, NIST SP800-131a and Section 508 accessibility. The following article provides you further details regarding Maximo support for these standards.
USGCB is the US Government Configuration Baseline for additional security settings on computers running Windows 7 & Windows 2008. Further details regarding this standard are available at usgcb.nist.gov. Please note that Maximo 7.5 (and subsequent fix packs) and Maximo 22.214.171.124 (and subsequent fix packs) are certified for USGCB. All new product releases are also certified for USGCB. We validate that the Maximo installer as well as Maximo functions work as expected using the Internet Explorer browser in the USGCB environment. Please note that for a successful product install the firewall should be disabled on the USGCB system for the duration of the install.
The older FDCC standard has been re-branded by NIST to the USGCB standard. FDCC refers to the Federal Desktop Core Configuration standard that was recommended by the NIST for general purpose government computers running Windows XP & Vista. Maximo 7.1.1.x supports the FDCC standard.
Section 508 refers to federal law mandating that all electronic and information technology developed, procured, maintained, or used by the federal government be accessible to people with disabilities. Maximo Asset Management 7.5 (and subsequent fix packs) are Section 508 compliant. Please note however that some add-ons or industry solutions that depend on Maximo Asset Management 7.5 may not be fully 508 accessibility compliant. The IBM Human Accessibility center at http://www-03.ibm.com/able/ provides more information.
The NIST SP800-131a standard is expected to come into effect towards the end of 2013. This standard requires a stronger cryptographic algorithm for encryption. Maximo uses the IBM JDK which is compliant with the new standard. However, to use an algorithm that support this encryption standard, the encryption properties in Maximo need to be modified. For more information on the standard visit http://csrc.nist.gov/publications/nistpubs/800-131A/sp800-131A.pdf. For information on how to modify the Maximo encryption properties to a compliant value visit http://publib.boulder.ibm.com/infocenter/tivihelp/v49r1/index.jsp?topic=%2Fcom.ibm.mbs.doc%2Fpropmaint%2Ft_manage_system_properties.html.