|
Siebel Security Guide > About Security for Siebel Business Applications >
Industry Standards for Security
Siebel Business Applications adhere to common security standards to facilitate the integration of its applications into the customer environment. Siebel Business Applications are designed so that customers can choose a security infrastructure that best suits their specific business requirements. Supported standards include:
- LDAP and ADSI. Siebel Business Applications provide preconfigured integration with LDAP and ADSI for user authentication purposes. For more information, see Security Adapters for LDAP and ADSI Authentication and Security Adapter Authentication.
- Communications encryption. Siebel Business Applications support the use of the following technologies for communications encryption:
- SSL encryption and authentication. Protection of communications between Siebel Business Application components (that is, Siebel Servers and Web servers) by using the SSL, version 3.0 capabilities of supported Web servers.
For information about the supported uses of SSL in Siebel Business Applications, see Types of Encryption. For information about configuring SSL, see Process of Configuring Secure Communications. For information on how to use SSL to secure user login credentials, see Implementing Secure Login. For information on how to configure Siebel Business Applications so that specific views use SSL over HTTP (HTTPS protocol), see Configuring a Siebel Web Client to Use SSL. For information on how communications between Siebel Servers and directory servers can use SSL, see Configuring Secure Communications for Security Adapters.
Communications between Siebel Servers and email servers can use SSL. For more information, see Siebel Communications Server Administration Guide.
- RSA communications encryption. Communication between Siebel components can be encrypted using RSA encryption algorithms. For more information, see Process of Configuring Secure Communications.
For supported UNIX or Windows environments, or environments in which both operating systems are supported, Siebel Business Applications support RSA Bsafe. RSA Bsafe is FIPS 140-1 certified.
- Microsoft Crypto. Siebel Business Applications support Microsoft Crypto for supported versions of Microsoft Windows. If the Siebel Server and the Web server are installed on the same computer running Microsoft Windows, then you cannot use Microsoft Crypto. You can use it only when these components run on different Microsoft Windows computers.
For more information, see Process of Configuring Secure Communications and Types of Encryption.
- X.509 certificates. Siebel Business Applications use the SSL capabilities of supported Web servers to enable authentication based on X.509 client certificates. For more information, see Digital Certificate Authentication.
- RSA SHA-1 password hashing. Siebel user passwords can be hashed using the RSA SHA-1 algorithm. For more information, see About Password Hashing.
- AES and RC2 data encryption. Siebel data can be encrypted using either Advanced Encryption Standard (AES) or RC2. Multiple key lengths are supported for AES and RC2. For encryption lengths greater than 56-bit RC2, you must install the Siebel Strong Encryption Pack. For more information, see About Data Encryption.
Siebel Business Applications do not provide direct support for the Security Assertion Markup Language (SAML) standard, but this standard can be implemented using third-party authentication products. About Security Products Supported by Siebel
To augment the security of your Siebel Business Applications deployment, Oracle has alliances with leading security providers. Providers are listed in the Security solution category at http://www.oracle.com/partnerships/isv/integration/search.html Oracle also provides a suite of security products, some of which have been certified for use with Siebel:
For more information about third-party products supported or validated for use with Siebel Business Applications, see Siebel System Requirements and Supported Platforms on Oracle Technology Network.
|
