What's New in Encryption in SAS 9.3
Overview
Encryption in SAS is
affected by the following changes and enhancements in SAS:
-
FIPS 140-2 is a standard that defines
the security requirements that must be satisfied by a cryptographic
module used in a security system protecting unclassified information
within IT systems. In SAS 9.3, enhancements have been made to support
this standard of security.
SAS/SECURE and SSL now comply with the
FIPS 140-2 standard.
-
In the second maintenance release
for SAS 9.3, a hot fix is available that updates the UNIX and
z/OS
OpenSSL version for 0.9.8.
-
In the second maintenance release
for SAS 9.3, security hot fixes are available that introduce two new
environment variables: SAS_SSL_MIN_PROTOCOL, supported on UNIX, Windows,
and
z/OS, and SAS_SSL_CIPHER_LIST, supported on UNIX and
z/OS.
General Enhancements
-
-
-
New option ENCRYPTFIPS specifies
that encryption services are using FIPS 140-2 validated algorithms.
When specified, a new INFO message is written at server start-up.
Refer to ENCRYPTFIPS System Option for details.
-
-
If using the FIPS 140-2 standard
for security, the algorithm used for hashing passwords is SHA-256.
The MD5 algorithm continues to be used for all other security technologies.
-
Encoded passwords are now supported
for SAS data sets.
-
In the second maintenance release
for SAS 9.3, a hot fix is available that updates the OpenSSL 0.9.8
version on UNIX and
z/OS.
For more information, see SSL Software Availability.
Copyright © SAS Institute Inc. All rights reserved.