|
Information Security
< Previous Next >
Re: Security over Internet
Ryan Pierce (FPL Technical Director) / FIX Protocol Ltd.
14 Jun 2010 1:58PM ET > I am now studying FIX connectivity over Internet from market maker's perspective. One of the challenges is to address security concern. Apart from SSL, I am thinking if there is any quick-win approach (like using Tag 98 in Logon Message) so that other market takers are willing to implement with minimum effort? Grateful for your idea.
Tag 98 is not secure, at least in its standardized usage today. These encryption methods use 56 bit DES, which has been demonstrated breakable back in 1998.
SSL or TLS are the current FPL recommended methods for securing FIX connections. You can find more information here:
http://fixprotocol.org/documents/5098/FIX%20Security%20White%20Paper-1.8-FINAL.pdf
I would think that SSL or TLS is more of a "quick-win" than the Tag 98 approaches. One can use the open-source product "stunnel" with FIX engines that have no native support for SSL. However, it is easy to misconfigure stunnel; the white paper referenced above documents issues to consider.
Re: Security over Internet
Ryan Pierce (FPL Technical Director) / FIX Protocol Ltd. 14 Jun 2010 1:58PM ET
|
@FIXProtocol
