SAS/SECURE for the IOM Bridge: Examples

IOM Bridge Encryption Configuration

The IOM Bridge for SAS clients can use SAS/SECURE to encrypt network data between SAS and its clients.
SAS/SECURE must be installed at the SAS server and at the SAS client. SAS clients include COM clients and Java clients.
You can configure encryption properties in either metadata or in code.

IOM Bridge for SAS Clients: Metadata Configuration

In order to connect a SAS client to a SAS server, the CreateObjectByLogicalName function must obtain encryption information from metadata that is stored in the metadata repository. SAS Management Console can be used to configure encryption properties into the metadata repository, as follows:
Required encryption level
In SAS Management Console, follow this path:
<Connection>then selectOptionsthen selectAdvanced Optionsthen selectEncryptionthen selectRequired Encryption Level
Valid values for required encryption levels are as follows:
None
No encryption
Credentials
Only user credentials (ID and password) are encrypted. This is the default.
Everything
All client/server transfers, including credentials, are encrypted.
Server encryption algorithm
In SAS Management Console, follow this path:<Connection>then selectOptionsthen selectAdvanced Optionsthen selectEncryptionthen selectServer Encryption Algorithms
Valid values for server encryption algorithms are RC2, RC4, DES, TRIPLEDES, AES, and SASPROPRIETARY (the default). For more information, refer to the chapters on encryption in SAS Intelligence Platform: Security Administration Guide.

IOM Bridge for COM: Configuration in Code

When using the CreateObjectByServer function to connect a Windows client to a SAS server, specify the following properties in your client code in the ServerDef object:
  • BridgeEncryptionLevel
  • BridgeEncryptionAlgorithm
Here is an example: 
obServerDef.BridgeEncryptionLevel=EncryptAll;
obServerDef.BridgeEncryptionAlgorithm="TripleDes";
EncryptAll
causes all data, including credentials (user IDs and passwords), to be encrypted in client/server transfers.
TripleDes
is the specific encryption algorithm to be applied to data transfers.
For a complete list of encryption values, see the SAS Object Manager class reference (sasoman.chm).

IOM Bridge for Java: Configuration in Code

When using the BridgeServer object to connect a Java client to a SAS server, use the following functions to specify your encryption settings:
  • setEncryptionContent
  • setEncryptionAlgorithms
  • setEncryptionPolicy
Here is an example: 
obBridgeServer.setEncryptionContent(BridgeServer.ENCRYPTION_CONTENT_ALL);
obBridgeServer.setEncryptionAlgorithms(BridgeServer.ENCRYPTION_ALGORITHM_TRIPLEDES);
obBridgeServer.setEncryptionPolicy(BridgeServer.ENCRYPTION_POLICY_REQUIRED);
ENCRYPTION_CONTENT_ALL
causes all data, including credentials (user ID and password), to be encrypted in client/server transfers.
ENCRYPTION_ALGORITHM_TRIPLEDES
is the specific encryption algorithm to be applied to data transfers.
ENCRYPTION_POLICY_REQUIRED
specifies that encryption is required. If the server does not support encryption, the connection fails.
See SAS Integration Technologies: Java Client Developer's Guide for information about the IOM Bridge for Java.
Copyright © SAS Institute Inc. All rights reserved.