Session ID Random Number Generator

book

Article ID: 130080

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction



Is the random number generator used to create Session ID's for SSO FIPS 140-2 compliant and is at least half of the value created using a definable source of entropy (PRNG)?

Environment

Release: MSPSSO99000-12.8-Single Sign-On-for Business Users-MSP
Component:

Resolution

Yes, the random number generator used to create Session IDs is FIPS 140-2 compliant and at least half of the value is created using a definable source of entropy.