SecureFTP
The FTP protocol provides a easy
and straight forward protocol for transferring files between
systems on different platforms and is one of the most used
applications on a TCP/IP connected network. Many installations
rely on it to efficiently transmit critical files that can
contain vital information such as customer names, product
ideas, credit card account numbers, personal names, addresses,
social security numbers, confidential contracts, legally
protected medical information, source code to computer software,
corporate secrets, physical asset locations and other sensitive
information. Many times the sender or receiver of the sensitive
information may be unaware of the importance of it and the
necessity to properly guarantee the integrity and privacy
of the data being transmitted, and in some cases ignorant
of legal liability for protecting the privacy and integrity
of the information. There is also a naïve
belief that information is inherently secure and that our
data is by default completely safe and secure.
This is simply not true. The truth is that the FTP protocol
transmits data without any authentication, privacy
or integrity.
The FTP protocol requires one side
to act as a client that issues commands to set up and control
an independent data channel that is used to retrieve and
store files between two systems. The only security provided
is the use of a user ID and password during the initialization
of the connection. All commands including the user ID and
password are openly passed across the network and
must often be stored in a file or job control, making them
easily susceptible and open to abuse.
SecureFTP provides user authentication,
privacy and integrity by using RSA digitally signed certificates,
DES encryption and SHA-1 secure hash functions. These cutting
edge, industry standard cryptographic functions provide authentication,
privacy and integrity for commands and data transmitted using
the FTP protocol by implementing the SSL protocol for FTP clients
and servers running on the VSE platform. SecureFTP
implements both the SSL 3.0 and TLS 1.0 standards for security.
(SSL stands for the Secure Sockets Layer and TLS stands for
the Transport Layer Security. The Internet Engineering Task
Force (IETF) has officially renamed SSL to be TLS. It is compatible
with SSL and contains significant enhancements.)
SecureFTP relies on a number
of integrated components, including PKI (Public Key Infrastructure)
for identification, RSA for key exchange algorithms, DES
for data encryption, MD5 and SHA-1 for message hashing and
HMAC for message authentication. SecureFTP for
VSE implements numerous industry protocols including RFC2246
(Transport Layer Security), RFC1321 (MD5 message-digest algorithm),
RFC2104 (HMAC) and RFC2459 (X.509v3 PKI certificates). By
using industry standard algorithms, you are assured of compatibility
with a wide variety of other vendors and platforms
that also support Secure SSL enabled FTP servers and clients.
|
|
