SECURE MESSAGING STANDARDS GLOSSARY OF TERMS
Industry Standards
Secure messaging software should follow industry standards and principles that are accepted by IT security professionals worldwide. By deploying standards-based technologies, Sigaba makes it easier to integrate complementary technology, improve infrastructure security and flexibility, prepare for future security threats and integrate with next-generation technology. Following is a list of the key secure messaging standards.
SAML
Security Assertion Markup Language (SAML) is the framework through which business partners can exchange security information over the Internet. It addresses the lack of interoperability among security services. Sigaba has been an active developer and implementer of this standard and was first to employ federated identity-based authentication using SAML.
SSL/TLS
Secure Sockets Layer (SSL)/Transport Layer Security (TLS) is a protocol that provides secure communication over a public channel. Sigaba uses this standard to integrate Web services.
S/MIME
Secure/Multipurpose Internet Mail Extensions (S/MIME) is an email security standard that requires a trusted source (for example, a corporate email server) to issue a "digital certificate" to each user. The user must have the certificate and associated "private key" to open messages. While Sigaba technology is purposely not built on S/MIME, its products integrate seamlessly with S/MIME-based solutions.
HMAC RFC2104
Hashed Message Authentication Code (HMAC) is an authentication mechanism that uses cryptographic hash functions, such as MD5 or SHA-1, in combination with a shared secret key. Sigaba uses HMAC to authenticate messages and ensure that they're not tampered with in transit.
AES FIPS 197
The Advanced Encryption Standard (AES) specifies Rijndael as a FIPS-approved symmetric encryption algorithm that may be used by U.S. government agencies (and others) to protect sensitive information. AES comes standard in Sigaba's secure messaging products.
Triple DES FIPS 46-3
Triple Data Encryption Standard (Triple DES or 3DES) is an encryption method that bundles three 64-bit DES keys. It requires users to be authorized and have a key to decrypt data. Sigaba offers 3DES as an alternative to AES.
DSA FIPS 186-2 (Digital Signature Algorithm)
Digital Signature Algorithm (DSA) specifies a suite of algorithms that generate a digital signature.
SHA FIPS 180-1 (Secure Hash Algorithm)
Secure Hash Algorithm (SHA) is used to compute a "message digest," a condensed representation of a message or data file. Sigaba technology uses SHA-1 to more efficiently authenticate and protect messages. It works in tandem with DSA to generate or verify a message signature. Sigaba also uses it in its HMAC calculation.
XML Digital Signature (RFC 3075)
The XML Digital Signature standard uses Extensible Markup Language (XML) to provide integrity, and message and signature authentication, for all data types. Sigaba uses this standard to represent digital signatures in its security protocols.