Manualshelf

HP e-Commerce / XML director server appliance sa8250 - Users Guide

ManualsBrandsHP ManualsServerHP e-Commerce/XML Director sa8250
41424344454647484950
C H A P T E R 2 HP e-Commerce/XML Director Server Appliance SA8250 User Guide
36
SSL
Fundamentals
SSL involves an interchange of keys used both to authenticate the
parties and to provide information to securely encrypt confidential
data. The keys distributed in this medium are one way, or
asymmetric. That is, they can only be used to encrypt confidential
data, and only the owner of the public key can decrypt the data once
it is encrypted using the public key information. SSL assures the three
benefits shown in this table.
To establish a secure session with a server, the client sends a hello
message to which the server responds with its certificate and an
encryption methodology. The client then responds with an encrypted
random challenge, which is used to establish the session keys. This
method allows two parties to quickly establish each others identities
and establish a secure connection.
Several encryption methods are employed. Common ones are DES,
3DES, RC2, and RC4. Key size can be varied to determine the level
of security desired. A longer key is more secure.
The SA8250 supports all common keys and ciphers, as well as the
following encryption methods: DES, DES3, and RC2 & RC4. The
SA8250 includes a licensed version of the RSA code embedded in the
security module as well. The device's session management software
has been certified by prominent security agencies and meets all
standards for SSL traffic.
The SA8250 handles all the handshaking, key establishment, and
bulk encryption for SSL transactions. Essentially, the SA8250 is a
full-featured, SSL-enabled web server. Traditionally, these functions
are performed either at the server level, by web servers generally
providing SSL functionality by way of standalone software
components, or by embedded encryption software.
Benefit Description
Authenticity Verifies the identities of the two parties
Privacy None other than the transacting parties can access
the information being exchanged.
Integrity The message cannot be altered in transit between
the two parties by a third party without the
alteration being detected.
SSL Benefits