Planning the Encryption Specifics
Before getting into the application coding and configuration of OpenSSO for Secure Attribute Exchange encryption, the administrator must decide:
-
The encryption algorithm (for example, AES or DES)
-
The key strength (key size)
-
The security mechanism (symmetric or asymmetric)
If using asymmetric encryption, make sure the identity provider's public key is accessible (for example, in a keystore or through a URL) to the application on the identity provider side. Additionally, add the public key of the application on the service provider side to the service provider's keystore.
- © 2010, Oracle Corporation and/or its affiliates