CICS Transaction Server for OS/390 V1R3 includes support for the Secure Sockets Layer function in OS/390 (part of OS/390 2.7). Previously, a secure Internet server had to be installed between the browser and CICS in order to connect CICS securely to the Internet.

The key features provided by SSL are:

Confidentiality

Information between the client and the server is encrypted, to prevent eavesdropping by third parties. SSL uses public key encryption, a technique that uses a pair of asymmetric keys for encryption and decryption.

Integrity

A secure hashing algorithm is executed:

• when information is sent; and
• when information is received.

If the algorithm results do not match, the receiver is warned that a message may have been modified.

Authentication

Authentication allows you to verify that data originated from the organisation that claims to have sent it. With SSL, authentication is performed by an exchange of certificates (blocks of data digitally signed by an external certificate authority). In SSL, the server certificate is mandatory, but the client certificate is optional. The server (CICS) determines whether to accept a connection from a client without a certificate.

Next Page Previous Page