O360/SSL Bridge is developed by Azure Information Technology Co., Ltd. for transmitting sensitive information on public network. It can encrypt information and establish secure communication channel at the receiver and transmitter end to provide identification authentication and communication confidentially at the terminal in addition to prevent eavesdropping and message falsification.
SSL Bridge has been extensively applied in practice, including the application in the transaction encryption processing between banks’ IP ATM and FEP Server, as well as the communication encryption between the severs in and outside of the branch. SSL Bridge applies public SSL (Secure Socket Layer) to support the following encryption algorithm, providing high intensity and verifiable information security technology.
- Public-Key Cryptosystems: RSA, Diffie-Hellman, DSA and Fortezza
- Symmetric-key Encryption: RC2, RC4, IDEA, DES, Triple DES and AES
- One-Way Hash Function: MD5 and SHA
SSL Bridge adopts software encryption for easy deployment in systems requiring communication encryption for two reasons. The first reason is that it can support extensive operating systems, including DOS, Windows NT 4.0, Windows98, Windows2000, Window XP, Windows 2003, Linux, AIX, HP-UX, and Sun-Solaris. Secondly, SSL Bridge has very minor impact on existing system application and only minor modification is required to add communication encryption mechanism to applications.
Application of SSL Bridge on ATM
Following the maturing of TCP/IP application, the wiring costs have been reduced substantially while enhancing banks’ intention to introduce IP ATM. However due to the broadcasting characteristics of TCP/IP, the installation of ATM inside the branch network is subject to illegal application by uncontrolled nodes via broadcasting. The connection of ATM installed outside of the branch to the bank via public network could put transaction information at risks of eavesdropping and forgery by intentional personnel. The adoption of ISP provided IP VPN network could not protect transaction security but only up to the network security outside, it will not protect the branch network security while adopting ISP provided IP VPN network.
Therefore the complete security mechanism is to install SSL Bridge on ATM to assure that the transaction information transmitted from ATM to FEP Server will undergo encryption to avoid possible information security risks in and outside of the branch.
Compared with adopting transaction MAC encryption, SSL Bridge Solution adopts the smallest degree of program change. In case MAC encryption method is adopted, ATM application will need to modify every transaction while the adoption of SSL Bridge only requires installing SSL Bridge program on IP ATM. Only minor degree of modification is required (Original ATM transaction pointing to server is changed to SLL Bridge application to enhance detection of connection commands) to establish confidential communication between ATM transaction and FEP Server, which assures safe transaction of information.
Application of SSL Bridge on Server to Sever
SSL Bridge not only can be used on ATM but also on the communication between Server to Server, including servers in and outside of the branch. SSL Bridge Solution can also be used with VPN and Router encryption mechanism.
Product Advantages of Azure SSL Bridge
- Least impact on existing application program with faster introduction and low costs.
- Supporting massive transaction encryption with high system efficiency.
- SSL Bridge uses low level of resources and does not affect existing system performance.
- Adopting public-key encryption mechanism and computing to provide reliable safety intensity.
- Extensive support for Windows, Linux, and Unix Platform.