This documentation applies to the 8.0 version of Remedy Action Request System, which is in "End of Version Support." You will not be able to leave comments.

To view the latest version, select the version from the Product version menu.

How BMC Remedy Encryption Security enables secure communication between the client and server

Cryptography protects important data as it passes through an unsecured medium such as, a computer network. The services provided by BMC Remedy Encryption Security are data confidentiality, integrity, and authentication.

Encryption enables the BMC Remedy Action Request System (BMC Remedy AR System) server and its clients to communicate securely over a network by encrypting the messages sent between them. At the beginning of every client and server connection, a key exchange protocol negotiates shared encryption keys between the client and server. These keys encrypt all communication between the client and server, ensuring that the communication is secure and that third parties cannot decipher the messages in transit. Data encryption is invisible to users.

The BMC Remedy AR System client libraries provide built-in encryption capabilities that can be enabled to secure the connection to the AR System server. Higher levels of encryption are available from BMC if you need stronger encryption. BMC Remedy AR System is also tested with database encryption products from your database vendor to ensure that this connection can be encrypted.

BMC Remedy Encryption Security includes:

  • Standard security — This level of encryption is built into the BMC Remedy AR System 8.0.00 API. You do not purchase or install it separately. Its algorithm is 56-bit Data Encryption Standard (DES ) using Cipher Block Chaining (CBC ) mode. It uses a 512-bit RSA modulus to exchange keys and MD5 MAC to authenticate messages. By default, standard security is disabled. To enable it, see Configuring BMC Remedy Encryption Security.
  • BMC Remedy Encryption Performance Security (BMC Remedy Encryption Performance)— This optional product is installed separately and may require the purchase of separate license. It provides the following types of encryption:
    • RC4 with a 128-bit key for data encryption and a 1024-bit modulus for the RSA key exchange.
    • AES CBC with a 128-bit key for data encryption and a 1024-bit modulus for the RSA key exchange. It uses SHA-1 for message authentication. This option supports the minimum Federal Information Processing Standard (FIPS) 140-2 encryption requirements. See FIPS encryption options.
  • BMC Remedy Encryption Premium Security (BMC Remedy Encryption Premium) — This optional product is installed separately and may require the purchase of separate license. It provides the following types of encryption:
    • RC4 with a 2048-bit key for data encryption and a 2048-bit modulus for the RSA key exchange.
    • AES CBC with a 256-bit key for data encryption and a 2048-bit modulus for the RSA key exchange. It uses SHA-1 for message authentication. This option supports premium FIPS 140-2 encryption requirements. See FIPS encryption options.

To install BMC Remedy Encryption Premium or BMC Remedy Encryption Performance, see Installing BMC Remedy Encryption Security. To configure encryption, see Configuring BMC Remedy Encryption Security.

BMC Remedy Encryption Security includes third-party encryption software developed by the OpenSSL Project for use in the OpenSSL toolkit (see http://www.openssl.org/ ).

Was this page helpful? Yes No Submitting... Thank you

Comments