IBM Sterling Ideas

formerly Watson Supply Chain

Submit new product ideas for Watson Supply Chain solutions. Before you submit, please review existing ideas; if an idea close to yours already exists, it's better to add comments or vote on the existing idea. We will review your ideas and use them to help prioritize our product development. Best of all, the portal will automatically update you when the status of your idea has been changed. Order Management, Store Engagement, Watson Order Optimizer, Inventory Visibility, CPQ and Call Center are now part of Watson Supply Chain

Connect with IBM experts and your peers on the Supply Chain Collaboration Community and the Order Management Interest Group

Submit ideas for other Watson Customer Engagement Products:

Watson Marketing
Watson Campaign Automation
Watson Commerce

B2B Integrator needs to offload its cryptographic operations of generating symmetric keys for encryption/decryption of files at rest to an HSM when available and configured

First, I have to say this is a customer requirement.

Second, how this would work can be described by using this example:

SFTP server adapter receives a file in its entirety.  As it prepares to write the file to disk (at rest), it goes to its configured HSM to get a pair of symmetric keys used to encrypt the file at rest.  The HSM contains the wrapper key that protects the symmetric keys.  The request arrives to the HSM and the HSM generates the symmetric keys (does not store them) and hands them back to B2Bi.  B2Bi encrypts the file to be stored at rest with the symmetric public key.  The reference to the document's location and its symmetric keys are stored in the database in the DOCUMENT table as before.


Currently B2Bi caches the wrapper private key and performs the crypto operations by using the key from cache which does not satisfy customer's requirements.

  • Avatar32.5fb70cce7410889e661286fd7f1897de Guest
  • May 3 2018
  • Needs review
How will this idea be used?

In order to meet customer's requirements, the crypto operations for generation of symmetric keys must occur on the HSM when an HSM is configured.  It is understood that if an HSM is NOT in use, that B2Bi should function as it does today.

What is your industry? Banking
What is the idea priority? Urgent
DeveloperWorks ID
Link to original RFE
  • Attach files