ADD A NEW IDEA

Security

Showing 36

Single Sign-on (SSO) with SAML or OIDC authentication is required for the Sterling User Interfaces (UIs), including C:D, SSP, SEAS, SFG, SCCM and SCCD. Migration from a legacy LDAP connection to a federated (SAML or OIDC) connection is required for all UIs, by US Federal Agencies.

This is required to comply with US Federal Security requirements mandated to all US Federal Agencies.
21 days ago in Sterling Connect:Direct / Security 3 Planned for future release

Cryptographic function used for TLS certificates storage should use SHA-384 or SHA-512 or POLY-1305

CA Certificates, Key Certificates and Private Keys are stored in key database file cdkeystore.kdb + STH file. In addition software stores the key database password in .keystore file and passphrase to the private key in .password file in C:\Program...
5 months ago in Sterling Connect:Direct / Security 4 Not under consideration

Support for SHA-3 cryptographic algorithms

to support the below emerging cryptographic algorithmsSHA-3, including ALL variants listed here: https://en.wikipedia.org/wik: i/SHA-3#Instances
10 months ago in Sterling Connect:Direct / Security 0 Future consideration

Mask or Don't Include Passwords In Connect Direct Process Scripts that have been built in Connect Direct Web Services or Connect Direct Browser UI

Currently when a user builds a process in CDWS or CD Browser UI, the password is in plain text if a pnode/snode ID is used with password. This is a security vulnerability and should be addressed. We realize that there is no way to stop a user from...
over 3 years ago in Sterling Connect:Direct / Security 1 Planned for future release

Password Vault support for outgoing Connect Direct for Windows transfers

There is a need to execute Connect Direct transfers securely as a User/Functional ID managed through Password Vault.
over 1 year ago in Sterling Connect:Direct / Security 4 Future consideration

Encrypted Access Key and Secret Key in # S3 IO Exit parameters

Encrypted Access Key and Secret Key in # S3 IO Exit parameters Stanza of Initparm.cfg file. Here is problem Statement : We were able to send the file to DELL ECS S3 Bucket from linux node, for this one we have updated the initparm.cfg file, We hav...
3 months ago in Sterling Connect:Direct / Security 3 Not under consideration

AES-256 encryption for .bin file creation

we understand that when a .bin file is created via lcu.jar it is encrypted with AES-128. We would like to see this encryption increased to AES-256 to satisfy our Security requirements.
over 2 years ago in Sterling Connect:Direct / Security 1 Planned for future release

Enable certificate based authentication for CD Tandem

Enable certificate based authentication for CD Tandem. cert auth is only available in unix and windows version. Our orgs have a large tandem nodes that are critical to organisation.
about 2 years ago in Sterling Connect:Direct / Security 1 Planned for future release

Add TLS 1.3 Support to Connect:Direct for HPE Nonstop Platform

It was mentioned in HPE NonStop Forum that TLSv1.3 will be coming out later 2019 year. It was also mentioned by HPE that TLSv1.0 is a degraded security protocol and that HPE NonStop Client Applications running on X86 and Itanium Platform need to m...
over 5 years ago in Sterling Connect:Direct / Security 6 Future consideration

C:D support for Multi Factor Authentication

Incorporate into the C:D security processing to allow for users signing on with multi factor authentication credentials.
over 6 years ago in Sterling Connect:Direct / Security 1 Not under consideration

By clicking the "Post Comment" or "Submit Idea" button, you are agreeing to the IBM Ideas Portal Terms of Use.
Do not place IBM confidential, company confidential, or personal information into any field.