|
Transport-layer security, an IETF standard protocol, secures client/server communications using digital certificates and public-key cryptography. Transport-layer security enables encryption, tamper detection, and certificate-based authentication.
You can use transport-layer security to:
Secure communications between the SQL Anywhere database server and client applications.
Secure communications between the MobiLink server and MobiLink clients.
Set up a secure SQL Anywhere web server.
Secure communication begins with an exchange of messages (a handshake) including:
Server authentication Transport-layer security uses server certificates to establish and maintain a secure connection. You create unique certificate files for each server. You can use server authentication for SQL Anywhere client/server communication or for MobiLink synchronization:
For SQL Anywhere client/server communication, a database client verifies the identity of a SQL Anywhere database server.
For MobiLink synchronization, a MobiLink client (SQL Anywhere or UltraLite) verifies the identity of a MobiLink server.
The transport-layer security protocol uses a combination of public-key and symmetric key encryption. Public-key encryption provides better authentication techniques, but is computationally intensive. Once a secure connection is established, the client and server use a highly efficient symmetric cipher with 128-bit key size for the rest of their communication.
Separately licensed component requiredECC encryption and FIPS-certified encryption require a separate license. All strong encryption technologies are subject to export regulations. |
For information about database file encryption, see: