MobiLink Synchronization User's Guide
Transport-Layer Security
MobiLink transport-layer security uses encryption to protect the confidentiality and integrity of the synchronization data stream as it passes between a MobiLink client and the MobiLink synchronization server. This feature is important whenever this communication must travel over a public or wireless network. Under such circumstances, someone with a suitable radio or network connection could otherwise intercept your data.
Furthermore, transport-layer security allows a client application to verify the identity of a MobiLink synchronization server. Hence, client applications can ensure that they synchronize only with MobiLink synchronization servers they trust.
This security is implemented by means of digital certificates. You can achieve a variety of security objectives using different types of certificates and configuring them in different ways. This section introduces the concepts that underlie public-key cryptography and explains how they apply to digital certificates. Examples illustrate several typical arrangements, each offering different benefits.
MobiLink transport-layer security is implemented using Certicom encryption technology. This public-key cryptographic technology uses an RSA cipher suite or an elliptic-curve cipher suite. When transport-layer security is invoked, all messages sent between the client and server are encrypted using a 128-bit cipher.
To invoke the server authentication features, you create and use digital certificates. Different types of certificates and different arrangements of these certificates allow you to provide various levels of security. You create the certificates using tools included with SQL Anywhere Studio.
About public-key cryptography
Client architecture
Digital certificates
The role of digital certificates
Using chains of certificates
Server authentication