For a more complete, full-security solution,
the Sterling Connect:Direct® Secure Plus is
available. This option of Sterling Connect:Direct enables
you to select the security protocol to use to secure data during electronic
transmission: Transport Layer Security (TLS) or Secure Sockets Layer
protocol (SSL). These protocols provide three levels of security:
- The first level of security is server authentication. It is activated
when a trading partner connects to a Sterling Connect:Direct server.
After the initial handshake, the Sterling Connect:Direct server
sends its digital certificate to the trading partner. The trading
partner checks that it has not expired and that it has been issued
by a certificate authority the trading partner trusts.
- The second level of security, called client authentication, requires
that the trading partner send its own certificate. If enabled, the Sterling Connect:Direct server
requests certificate information from the trading partner, after it
returns its certificate information. If the client certificate is
signed by a trusted source, the connection is established.
- The third level of security requires that a certificate common
name be verified. The Sterling Connect:Direct Secure Plus server
searches the certificate file it receives from the trading partner
and looks for a matching certificate common name. If the server cannot
find the certificate common name, communication fails.
Sterling Connect:Direct Secure Plus includes
the following encryption algorithms: