Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Computer Networks

TUTORIAL - InformationWeek

www.datadirect.com

T U T O R I A L

SECURITY TUTORIAL – KEEP YOUR APPLICATION DATA SAFE!

Even when using an application with the best security, the only way to keep data truly secure across the network is to ensure that your database middleware supports the latest security features. Kerberos authentication and SSL encryption are no longer cutting edge “nice-to-have” options. They are mandatory elements to any successful security strategy. Some drivers may not support these security features – others may only offer support from some platforms. Still other driver options may require additional layers of software which end up killing performance. Progress DataDirect drivers support SSL and Kerberos from any platform without requiring database client libraries.

And just as important, supporting these features through the driver takes just a few minutes – no additional application code required!

ODBC

If Kerberos and SSL have been implemented, adding security support to an ODBC application on windows would just require a few drop down options selected, and a few fields populated with the encryption information:

2 www.datadirect.com

To add security support to a SQL Server application on UNIX would just require a few changes to the odbc.ini file:

3 www.datadirect.com

JDBC

For a Java application connecting to a relational database like DB2 , the only information required is in the JDBC connection string: jdbc:datadirect:db2://server1:50000;DatabaseName=jdbc

;User=test;Password=secret;AuthenticationMethod=kerberos;E ncryptionMethod=SSL;HostNameInCertificate=testhost;KeyStor e=xyz;KeyStorePassword=xxx;KeyPassword=xxxy;TrustStore=/ directoryA/truststorefile;TrustStorePassword=xxxy;ValidateS erverCertificate=true;

Whether you are working with an ODBC application or a JDBC application, the connection properties will be the same. These properties are all set at the driver level, so there is no need for additional application code. Adding functionality to your application without having to create, develop, test, and maintain multiple lines of extra code saves time, resources, and money!

SECURITY CONNECTION PROPERTIES

Once you have implemented SSL, there are just a few parameters that need to be set. Below is a list of security-related connection options and descriptions:

• AuthenticationMethod - determines which authentication method the driver uses when it establishes a connection.

• Encryption Method – determines whether data is encrypted and decrypted when transmitted over the network between the driver and database server.

• HostNameInCertificate – specifies a host name for certificate validation when

SSL encryption is enabled and validation is enabled. This property provides additional security against man-in-the-middle (MITM) attacks by ensuring that the server the driver is connecting to is the server that was requested.

• KeyStore – specifies the directory of the keystore file to be used when SSL is enabled and SSL client authentication is enabled on the database server. The keystore file contains the certificates that the client sends to the server in response to the server’s certificate request.

www.datadirect.com

4

• KeyStorePassword – specifies the password that is used to access the keystore file when SSL is enabled and SSL client authentication is enabled on the database server. The keystore file contains the certificates that the client sends to the server in response to the server’s certificate request.

• KeyPassword – specifies the password that is used to access the individual keys in the keystore file when SSL is enabled and SSL client authentication is enabled on the database server. This property is useful when individual keys in the keystore file have a different password than the keystore file.

• TrustStore – specifies the directory of the truststore file to be used when SSL is enabled using the EncryptionMethod property and server authentication is used. The truststore file contains a list of the Certificate Authorities (CAs) that the client trusts.

• TrustStorePassword – specifies the password that is used to access the truststore file when SSL is enabled and server authentication is used. The truststore file contains a list of Certificate Authorities (CSs) that the client trusts.

For more information on how SSL and Kerberos keep your data secure, see the JDBC security section and the ODBC security section in the Progress DataDirect product documentation.

Check out ISAG’s latest whitepaper:

Data Access Middleware Security Simplifies Business Process Applications

Link to Progress DataDirect’s Security Support Matrix

Ready to get started? Progress DataDirect offers a free, fully functional, 15-day trial on all products. www.datadirect.com/download

5 www.datadirect.com

www.datadirect.com

6

PROGRESS DATADIRECT

Progress Software is the only comprehensive provider of software for connecting the world’s most critical business applications to data and services, running on any platform, using proven and emerging standards. Developers worldwide depend on DataDirect® products to connect their applications to an unparalleled range of data sources using standards-based interfaces such as ODBC,

JDBC and ADO.NET, XQuery and SOAP. More than 300 leading independent software vendors and thousands of enterprises rely on

Progress Software to simplify and streamline data connectivity for distributed systems and to reduce the complexity of mainframe integration.

PROGRESS SOFTWARE

Progress Software Corporation (NASDAQ: PRGS) is a global enterprise software company that enables businesses to be operationally responsive to changing conditions and customer interactions as they occur – to capitalize on new opportunities, drive greater efficiencies and reduce risk. The company offers a comprehensive portfolio of best-in-class enterprise software spanning event-driven visibility and real-time response, open integration, data access and integration, and application development and deployment – all supporting on-premises and SaaS/Cloud deployments. Progress maximizes the benefits of operational responsiveness while minimizing IT complexity and total cost of ownership. Progress can be reached at www.progress.com or +1-781-

280-4000.

WORLDWIDE HEADQUARTERS

Progress Software Corporation, 14 Oak Park, Bedford, MA 01730 USA

Tel: +1 781 280-4000 Fax: +1 781 280-4095 On the Web at: www.progress.com

Find us on facebook.com/progresssw twitter.com/progresssw youtube.com/progresssw

For regional international office locations and contact information, please refer to the Web page below: www.progress.com/worldwide

Progress, DataDirect, DataDirect Connect, DataDirect Connect for JBDC, DataDirect Connect for ODBC and Business Making Progress are trademarks or registered trademarks of Progress Software Corporation or one of its affiliates or subsidiaries in the U.S. and other countries. Any other trademarks contained herein are the property of their respective owners. Specifications subject to change without notice.

© 2012 Progress Software Corporation and/or its subsidiaries or affiliates. All rights reserved.

www.datadirect.com

Related documents
OnlineBankingSecurit..
OnlineBankingSecurit..
Sample PowerPoint Presentation - Volunteer Centers of Michigan
Sample PowerPoint Presentation - Volunteer Centers of Michigan
Report for Lab 32
Report for Lab 32
17.1 Case Study Worksheet1
17.1 Case Study Worksheet1
TechTip #6 – Online Technical Requirements (all online users) For
TechTip #6 – Online Technical Requirements (all online users) For
Princess Nora Bint Abdul Rahman University College of Computer
Princess Nora Bint Abdul Rahman University College of Computer
Slides for lecture 26
Slides for lecture 26
Document
Document
SSL Supplement - YSU Computer Science & Information Systems
SSL Supplement - YSU Computer Science & Information Systems
SSL
SSL
Top 5 Ways Embedded Connectivity Accelerates Your
Top 5 Ways Embedded Connectivity Accelerates Your
Download