Security considerations for IBM Rational Change

You can ensure that your installation is secure, customize your security settings, and set up user access controls. You can also ensure that you know about any security limitations that you might encounter with this application.

Enabling security during the installation process

Enabling secure communication between multiple applications

  • Rational Change integrates with many types of applications. When applicable, use SSL HTTPS connections between the Rational Change web server and any other web-based application.
  • SP 800-131A compliance: Rational Change 5.3.1 or later supports the requirements defined in National Institute of Standards and Technology (NIST) Special Publication (SP) 800-131A. Strict enforcement of SP 800-131A requires the following configuration:
    • TLS v1.2 protocol for the Secure Sockets Layer (SSL) context (see Configuring Jetty 8.1.3 to run in HTTPS/SSL mode)
    • Certificates with a minimum length of 2048
    • Certificates with a signature algorithm of SHA256, SHA384, or SHA512
    • SP 800-131A approved cipher suites

For more information about SP 800-131A, see Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths.
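
The following added example (not IBM code and not part of the product) checks a server certificate and a negotiated protocol against the list above, reading the text that `openssl x509 -noout -text` and `openssl s_client` print. The function names are hypothetical, the "minimum length of 2048" is assumed to mean the public-key size, and cipher suites are not checked because this page does not list the approved ones.

```python
import re

# Limits from the list above. Applying "minimum length of 2048" to the
# public-key size is this example's assumption.
MIN_KEY_BITS = 2048
ALLOWED_HASHES = {"SHA256", "SHA384", "SHA512"}
OLDER_THAN_TLS12 = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}

def audit_certificate(x509_text):
    """Return findings for the text printed by `openssl x509 -noout -text`."""
    findings = []
    key = re.search(r"Public-Key:\s*\((\d+) bit\)", x509_text)
    if key is None:
        findings.append("public key size not found")
    elif int(key.group(1)) < MIN_KEY_BITS:
        findings.append(f"key length {key.group(1)} is below {MIN_KEY_BITS}")
    algorithms = set(re.findall(r"Signature Algorithm:\s*(\S+)", x509_text))
    if not algorithms:
        findings.append("signature algorithm not found")
    for alg in sorted(algorithms):
        digest = re.search(r"sha\d+|md5", alg, re.IGNORECASE)
        # Unrecognized names are reported rather than silently accepted.
        if digest is None or digest.group(0).upper() not in ALLOWED_HASHES:
            findings.append(f"signature algorithm {alg} is not SHA256/384/512")
    return findings

def audit_protocol(s_client_text):
    """Return findings for the session summary printed by `openssl s_client`."""
    proto = re.search(r"Protocol\s*:\s*(\S+)", s_client_text)
    if proto is None:
        return ["negotiated protocol not found"]
    if proto.group(1) in OLDER_THAN_TLS12:
        return [f"negotiated {proto.group(1)}, older than TLS v1.2"]
    return []

# Constructed excerpts in the layout openssl prints; not taken from a real server.
GOOD_CERT = """
    Signature Algorithm: sha256WithRSAEncryption
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
    Signature Algorithm: sha256WithRSAEncryption
"""
WEAK_CERT = """
    Signature Algorithm: sha1WithRSAEncryption
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
    Signature Algorithm: sha1WithRSAEncryption
"""
print(audit_certificate(WEAK_CERT), audit_protocol("    Protocol  : TLSv1.1"))
```

An empty list from both functions means that none of the checked items failed; it says nothing about the cipher suites.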

Ports, protocols, and services

Configure the Rational Change web server to use the SSL HTTPS protocol.

Customizing your security settings

Setting up user roles and access

Privacy policy considerations

For information about how the software uses cookies, see Cookie policy and Notices.

Security limitations

Rational Change continuously enhances the security aspects of its components and remedies issues that are encountered. Plan to upgrade to the latest releases of Rational Change when they are available because these releases might contain security enhancements or corrections. Monitor the Rational Change Server security flash bulletins for security alerts and information about actions to perform.

