What's New in Encryption in SAS 9.3
Overview
FIPS 140-2 is a standard
that defines the security requirements that must be satisfied by a
cryptographic module used in a security system protecting unclassified
information within IT systems. In SAS 9.3, enhancements have been
made to support this standard of security.
SAS/SECURE and SSL now
comply with the FIPS 140-2 standard.
General Enhancements
-
SAS/SECURE now supports FIPS 140-2
encryption.
-
Secure Sockets Layer (SSL) now
supports FIPS 140-2 encryption.
-
New option ENCRYPTFIPS specifies
that encryption services will use FIPS 140-2 validated algorithms.
When specified, a new INFO message is written at server start-up.
-
The process for downloading SSL
libraries has changed.
-
If using the FIPS 140-2 standard
for security, the algorithm used for hashing passwords will be SHA-256.
The MD5 algorithm will continue to be used for all other security
technologies.
Copyright © SAS Institute Inc. All rights reserved.