Secure Sockets Layer (SSL) is the open
standard security protocol for the secure transfer of sensitive information
over the Internet. SSL provides three things: privacy through encryption,
server authentication, and message integrity. Client authentication
is available as an optional function.
OpenVMS includes three standards-based cryptographic security
solutions, HP SSL for OpenVMS, Common Data Security Architecture
(CDSA), and Kerberos for OpenVMS that
protect your information and communications.
Protecting communication links to OpenVMS applications over
a TCP/IP connection can be accomplished through the use of SSL.
The OpenSSL APIs establish private, authenticated and reliable communications links
between applications.
CDSA for OpenVMS provides a security infrastructure that allows
for the creation of multiplatform, open source industry standard
cryptographic solutions. CDSA provides a
flexible mix-and-match solution among a variety of different applications
and security services. This allows for compliance to local regulation
while keeping the security underpinnings transparent to the end
user. For more information, see the HP Open Source Security
for OpenVMS, Volume 1: Common Data Security Architecture.
Kerberos is a network authentication protocol designed to
provide strong authentication for client/server applications by
using secret-key cryptography. It was developed at the Massachusetts
Institute of Technology as part of Project Athena in the mid-1980s.
The Kerberos protocol uses strong cryptography, so that a client can
prove its identity to a server (and vice versa) across an insecure
network connection. After a client and server have used Kerberos
to prove their identity, they can also encrpt all of their communications
to assure privacy and data integrity. For more information, see HP
Open Source Security for OpenVMS, Volume 3: Kerberos.
 |
| |
|
 | NOTE: SSL data transport requires encryption. Many governments,
including the United States, have restrictions on the import and
export of cryptographic algorithms. Please ensure that your use of
SSL is in compliance with all national and international laws that
apply to you. |
|
| |
|
This chapter discusses the following topics:
