Encryption Technologies: Examples

SAS/SECURE for the IOM Bridge: Examples

The IOM Bridge for SAS clients can use SAS/SECURE to encrypt network data between SAS and its clients.

SAS/SECURE must be installed at the SAS server and at the SAS client. SAS clients include COM clients and Java clients.

You can configure encryption properties in either metadata or in code.

IOM Bridge for SAS Clients: Metadata Configuration

In order to connect a SAS client to a SAS server, the CreateObjectByLogicalName function must obtain encryption information from metadata that is stored in the metadata repository. SAS Management Console can be used to configure encryption properties into the metadata repository, as follows:

Required encryption level

In SAS Management Console, follow this path:

<Connection> Options Advanced Options Encryption
Required Encryption Level

Valid values for required encryption levels are as follows:

None: No encryption
Credentials: Only user credentials (ID and password) are encrypted. This is the default.
Everything: All client/server transfers, including credentials, are encrypted.

Server encryption algorithm

In SAS Management Console, follow this path:
<Connection> Options Advanced Options Encryption
Server Encryption Algorithms

Valid values for server encryption algorithms are RC2, RC4, DES, TRIPLEDES, AES, and SASPROPRIETARY (the default).

For complete details about using SAS Management Console to configure the IOM Bridge, visit supportexp.unx.sas.com/rnd/itech/doc9/admin_oma/sasserver/iombridge.

IOM Bridge for COM: Configuration in Code

When using the CreateObjectByServer function to connect a Windows client to a SAS server, specify the following properties in your client code in the ServerDef object:

BridgeEncryptionLevel
BridgeEncryptionAlgorithm

Here is an example:

obServerDef.BridgeEncryptionLevel=EncryptAll;
obServerDef.BridgeEncryptionAlgorithm="TripleDes";

EncryptAll: causes all data, including credentials (user IDs and passwords), to be encrypted in client/server transfers.
TripleDes: is the specific encryption algorithm to be applied to data transfers.

For a complete list of encryption values, see the SAS Object Manager class reference (sasoman.chm).

IOM Bridge for Java: Configuration in Code

When using the BridgeServer object to connect a Java client to a SAS server, use the following functions to specify your encryption settings:

setEncryptionContent
setEncryptionAlgorithms
setEncryptionPolicy

Here is an example:

obBridgeServer.setEncryptionContent(BridgeServer.ENCRYPTION_CONTENT_ALL);
obBridgeServer.setEncryptionAlgorithms(BridgeServer.ENCRYPTION_ALGORITHM_TRIPLEDES);
obBridgeServer.setEncryptionPolicy(BridgeServer.ENCRYPTION_POLICY_REQUIRED);

ENCRYPTION_CONTENT_ALL: causes all data, including credentials (user ID and password), to be encrypted in client/server transfers.
ENCRYPTION_ALGORITHM_TRIPLEDES: is the specific encryption algorithm to be applied to data transfers.
ENCRYPTION_POLICY_REQUIRED: specifies that encryption is required. If the server does not support encryption, the connection fails.

For a complete list of encryption values, see the Java reference for com.sas.services.connection at www.support.sas.com.

Top of Page