
Use of encryption - Hitachi ID Identity Manager

Encryption is used to protect stored Hitachi ID Identity Manager data as follows:

Data stored on the Identity Manager server

  Data                                                   Algorithm     Key
  Privileged passwords used to log into target systems   256-bit AES   128-bit random
  Answers to security questions                          256-bit AES   128-bit random
  User old-password history                              SSHA-512      64-bit random salt
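The following is an added worked example, not Hitachi ID's own code: it implements the password-history scheme the table above describes (salted SHA-512 with a 64-bit random salt) together with the check a password-change flow performs against that history. The page does not say how Identity Manager encodes its stored entries, so the LDAP-style {SSHA512} string layout (base64 of digest followed by salt), the function names and the sample passwords are assumptions made for this illustration.

```python
import base64
import hashlib
import hmac
import os
from typing import List, Optional

SALT_BYTES = 8  # 64-bit random salt, matching the key column of the table above


def ssha512_hash(password: str, salt: Optional[bytes] = None) -> str:
    """Return an {SSHA512} entry: base64(SHA-512(password || salt) || salt).

    Layout assumed for this example (the page does not specify one). The salt is
    drawn from os.urandom when not supplied. The result is one-way, so the stored
    history never contains the old password itself.
    """
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    digest = hashlib.sha512(password.encode("utf-8") + salt).digest()
    return "{SSHA512}" + base64.b64encode(digest + salt).decode("ascii")


def ssha512_verify(password: str, stored: str) -> bool:
    """Check a candidate password against one {SSHA512} history entry.

    The salt is recovered from the tail of the decoded blob (everything after the
    64-byte SHA-512 digest), the candidate is hashed with that salt, and the two
    digests are compared in constant time so the check does not leak how many
    leading bytes matched.
    """
    prefix = "{SSHA512}"
    if not stored.startswith(prefix):
        raise ValueError("not an {SSHA512} entry")
    blob = base64.b64decode(stored[len(prefix):])
    digest, salt = blob[:64], blob[64:]
    candidate = hashlib.sha512(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(candidate, digest)


def reuses_old_password(candidate: str, history: List[str]) -> bool:
    """True if the candidate matches any entry in the user's stored history."""
    return any(ssha512_verify(candidate, entry) for entry in history)


def demo() -> dict:
    # Constructed sample history for one user: three previous passwords, each
    # hashed with its own random salt at the time it was set.
    old_passwords = ["Winter2019!", "Spring2020!", "Summer2020!"]
    history = [ssha512_hash(p) for p in old_passwords]
    salt_len = len(base64.b64decode(history[0][len("{SSHA512}"):])) - 64
    return {
        "history_entries_distinct": len(set(history)) == len(history),
        "salt_bits": salt_len * 8,
        "reuse_of_old_rejected": reuses_old_password("Spring2020!", history),
        "fresh_password_allowed": not reuses_old_password("Autumn2021!", history),
        # Same password, two random salts: the stored strings differ, so entries
        # cannot be correlated across users or across time by comparing hashes.
        "same_password_two_salts_differ": ssha512_hash("x") != ssha512_hash("x"),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The per-entry random salt is what makes this a history rather than a lookup table: two users (or one user twice) choosing the same old password produce different stored strings, and a precomputed SHA-512 table is useless against the store. Note that plain SHA-512 is fast, so a salted entry still resists guessing only as well as the password behind it; the salt defeats precomputation and correlation, not brute force.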


Data transmitted to and from Identity Manager on the network is cryptographically protected, as illustrated by the following examples:

Data transmitted to/from the Identity Manager server

  To/From                                      Algorithm                        Key length
  Interactive sessions
    User browser                               SSL (negotiated cipher varies)   128 bits
  Trigger password synchronization
    From Win2K/2K3 AD DC, z/OS, Unix
    or LDAP server                             256-bit AES                      128-bit shared secret
  Set passwords, create/update users
    To SSH scripted target                     SSH                              Varies by SSH configuration
    To Unix agent, z/OS task,
    RSA Authentication Manager or proxy server 256-bit AES                      128-bit shared secret
  API session - socket
    From calling system / IVR                  256-bit AES                      128-bit shared secret
  API session - web services
    From calling system / IVR                  HTTPS                            128 bits
  Set passwords, create/update users
    To target system                           Native protocol of the target    Varies; use a proxy server when
                                                                                the native protocol is inadequate

