Uniface User Forum

 View Only
  • 1.  DORA and "in transfer": SSL for MSS-driver ?

    Posted 19 days ago

    Hi Freaks

    As a software company for certain financial services, we are also subject to the DORA Regulation. 
    There are a few points in Article 6 that should be fulfilled

    https://www.dora-info.eu/rts-rmf/article-6/

    1. the encryption of data at rest and in transit;
    2. the encryption of data in use, where necessary;
    3. the encryption of internal network connections and traffic with external parties

    "in rest" 
      Can be solved on the database 
    "in use" 
        Is almost impossible to solve with reasonable effort or how do you want to encrypt variable content?
        But there is a mitigation (see "For the purposes of point (b)" )
        And since our customers only work InHouse ...
    "in transfer" 
        And here is the question, how does the UnifAce client communicate with the SQL database?
        There is TLS, but that is probably only intended as an extension for TCP connections.
        Theoretically, you can access the SQL server in encrypted form if you install Zeritifikate&Co there
        But what does the UnifAce driver do then?
        Or is it sufficient to check "strong encryption" in the ODBC administration? 

    Any ideas, comments, notes,...  are welcome
    For all of the "nice" points :-)

    Ingo



    ------------------------------
    Ingo Stiller
    Aareon Deutschland GmbH
    ------------------------------


  • 2.  RE: DORA and "in transfer": SSL for MSS-driver ?

    Posted 18 days ago

    Hi Ingo,

    Two small questions:

    1) Are you worrying about STARTTLS:

       There is TLS, but that is probably only intended as an extension for TCP connections.

    also if the switch to TLS is done automatically into initial handshaking?

    2) Probably DBMS connections support not only STARTTLS method but also a native TLS connection without the initial phase on unencrypted ports. Try to check for them...

    Hope it helps.

    Gianni



    ------------------------------
    Gianni Sandigliano
    IT
    ------------------------------