Bookshelf Home | Contents | Index | PDF     

Security Guide for Siebel eBusiness Applications > About Security for Siebel Applications >

Industry Standards for Security

Siebel eBusiness Applications adhere to common security standards to facilitate the integration of its applications into the customer environment. Siebel Systems is not a vendor of specific security components; instead, Siebel applications are designed so that customers can choose a security infrastructure that best suits their specific business needs.

NOTE:  For more information about third-party products supported or validated for use with Siebel eBusiness Applications, see System Requirements and Supported Platforms on Siebel SupportWeb.

Supported standards include:

  • LDAP/ADSI. Siebel Systems provides preconfigured integration with Lightweight Directory Access Protocol (LDAP) and Active Directory Services Interface (ADSI) for user authentication purposes. For more information, see Security Adapters for LDAP/ADSI Authentication and Security Adapter Authentication.
  • SSL encryption and authentication. Protection of communications between Siebel eBusiness Application components (that is, Siebel Servers and Web servers) by using the Secure Sockets Layer (SSL) capabilities of supported Web servers. For more information, see Configuring Secure Communications.

    Communications between Siebel Servers and directory servers can use SSL. For more information, see Configuring Secure Communications for Security Adapter.

    Communications between Siebel Servers and email servers can use SSL. For more information, see Siebel Communications Server Administration Guide.

  • X.509 certificates. Siebel applications use the SSL capabilities of supported Web servers to enable authentication based on X.509 client certificates. For more information, see Digital Certificate Authentication.
  • RSA SHA-1 password hashing. Siebel user passwords can be hashed using the RSA SHA-1 algorithm. For more information, see Configuring Password Hashing.
  • RSA communications encryption. Communication between Siebel components can be encrypted using RSA encryption algorithms. For more information, see Configuring Secure Communications.
    • For supported UNIX platforms, Windows platforms, or cross-platform environments, Siebel Systems supports RSA Bsafe. RSA Bsafe is FIPS 140-1 certified.
    • For supported Windows platforms, Siebel Systems supports Microsoft Crypto. (If the Siebel Server and the Web server are installed on the same machine running Microsoft Windows, then you cannot use Microsoft Crypto. You can use it only when these components run on different Microsoft Windows machines.)
  • AES and RC2 data encryption. Siebel data can be encrypted using either Advanced Encryption Standard (AES) or RC2. Multiple key lengths are supported for AES and RC2. For encryption lengths greater than 56-bit RC2, you must install the Siebel Strong Encryption Pack. For more information, see Configuring Data Encryption.

To augment the security of your Siebel applications deployment, Siebel Systems has alliances with other leading security providers. Providers are listed as security software partners in the Alliances section of the Siebel Web page.

    
Security Guide for Siebel eBusiness Applications