Secure data transfer solutions for business integrators
So you you need to send or receive the important data and security of the information is a must. If you need to upload or download files or secure the files before transfer over unsecured channels, send secure e-mail or even access remote file systems we have solutions for these tasks. Let us check what we have for you:
Upload and download of files using standard Internet protocols, such as Secure FTP (SFTP or FTPS)
Secure upload and download of files using standard secure Internet protocols such as SFTP and FTPS is the most common data transfer task and should be implemented in minutes. We offer simple yet powerful client-side components that let you transfer files using one of secure file transfer protocols.
SFTP or FTPS. These two protocols are often confused. SFTP stands for SSH File Transfer Protocol and FTPS is FTP over SSL. If you do not know for sure which one to use or just want to know more about the difference between SFTP and FTPS, please read the article in our knowledgebase.
The main advantage of the offered components is that they let you control all aspects of the connection and data transfer procedure. Be it the method of authentication, used cryptographic algorithm or any other security aspect of the connection, you get all what the protocol can offer.
FTPS client component works in both secure and regular non-secure modes. SFTP protocol was designed as a secure protocol and is not usually used in insecure mode.
The components are part of Transports package of BizCrypto product.
Secure transfer over unsecured channels
If you must use only unsecured protocol for data transfer, your task is to encrypt the data before transferring them to the remote site. Two encryption mechanisms are currently used in the industry. Both of them are available with SecureBlackbox.
These mechanisms are OpenPGP and PKI (Public Key Infrastructure). Both these schemes are based on industry standards and are free from proprietary restrictions. Data encrypted using one of these schemes can be read and decrypted using variety of software products.
The main difference between these two mechanisms is the way encryption keys are created and managed.
PKI encrypts data using X.509 certificates. You can create such certificates yourself, but proper use of PKI includes third-party organizations that issue certificates for users. OpenPGP lets you use either conventional passphrases or open PGP keys to encrypt data. Users generate OpenPGP keys themselves. OpenPGP is quite good for ad hoc security, when you need to send data to a limited number of people. PKI is used when your application becomes part of larger infrastructure in which people use certificates widely.
You can add PKI or OpenPGP encryption and signing features to your application using Data Security package of BizCrypto product.
Protect documents and data when sending them to other parties
Data security operations include two operations. They are technologically similar, but very different in purpose: encryption of data and digital signing of data. Encryption is used to prevent unauthorized individuals or hardware systems from accessing the data. Digital signing of data is used to authenticate and identify the author or sender. While these operations serve different purposes, they almost always come in pair so we will describe them together as "securing data".
The industry has created a number of approaches for securing data of different kind. OpenPGP and PKI technologies are used to secure any type of data. They are described above. PDF security is specific to documents in PDF format. XML Security was designed for use primarily with XML-formatted data but can be used to secure any type of data.
PDF security is based on PKI (certificates) for encryption and signing. You can also encrypt documents using symmetric keys such as passwords and passphrases. XML security can use certificates, OpenPGP keys and symmetric keys for encryption, and certificates or OpenPGP keys for digital signing of data.
All mentioned security components are available in Data Security package of BizCrypto product.
Send and receive secure e-mail messages
Secure e-mail is often overlooked as a secure date channel, and the reasons are unclear. E-mail is probably the most widespread way of communication between people over Internet, and it is equally well suited for communicating between automated systems.
E-mail operations include: on the sender side -- composing a message, securing it, sending it. On the client side operations include receiving e-mail and parsing (decomposition) of the received email, possibly with decryption and verification of e-mail signatures.
The widely used S/MIME security technology lets you sign and encrypt e-mail being delivered. BizCrypto offers mail composition and decomposition operations within its MIME and S/MIME Processor.
Besides creation of MIME e-mail, it is necessary to send it. For mail delivery BizCrypto offers SMTP client, which can send e-mail using regular SMTP protocol and also via SMTP-over-SSL. SMTP client component is available in SMTP Transport and requires Professional package of BizCrypto.
Access and manipulate files and directories on remote servers
Remote access to file repositories or just remote file systems remains an important part of many IT related activities. Historically, FTP (File Transfer Protocol) was used to transfer files. Recently SFTP (SSH File Transfer Protocol) gained popularity as the way to not only upload and download files, but perform full scope of file manipulations or the remote system. This includes directory creation and deletion, file renaming and deletion. BizCrypto in its SFTP Transport support for the listed operations.
If your file manipulation needs to include execution of custom commands on a server, you will benefit from having access to the remote shell (console) over SSH protocol. SSH components let you quickly execute one or several commands, or start a shell for you for more sophisticated tasks.
SSH is offered in SSH Transport.