Siebel Security Guide > About Security for Siebel Business Applications >

Industry Standards for Security

Siebel Business Applications adhere to common security standards to facilitate the integration of its applications into the customer environment. Siebel Business Applications are designed so that customers can choose a security infrastructure that best suits their specific business needs.

Supported standards include:

• Lightweight Directory Access Protocol (LDAP) and Active Directory Service Interfaces (ADSI). Siebel Business Applications provide preconfigured integration with LDAP and ADSI for user authentication purposes. For more information, see Security Adapters for LDAP and ADSI Authentication and Security Adapter Authentication.
• Communications encryption. Siebel Business Applications support the use of the following technologies for communications encryption:
  • Secure Sockets Layer (SSL) and Transport Layer Security (TLS) encryption and authentication. TLS is the successor to SSL and is based on the SSL protocol specifications. SSL or TLS can be used to protect communications between the following:
    • Siebel Business Applications components, that is, Siebel Servers and Web servers.
    • Siebel Web servers and Siebel Web Clients, if support for these protocols is provided by the Web server. The use of SSL or TLS for Web server and Siebel Web Client communications is transparent to Siebel Business Applications.
    • Siebel Servers and Microsoft Exchange Server email servers (SSL) or Siebel Servers and Microsoft Exchange Server 2007 or 2010 email servers (TLS).

      NOTE:  The functionality described in this topic requires that you install Siebel CRM Release 8.1.1.8 or later, or 8.2.2.1 or later. For information, see the applicable Siebel Maintenance Release Guide on My Oracle Support.

      The following table lists topics that provide information on configuring SSL and TLS.

      Information Type	Topic
      Restricting access to specific views to URLs that use SSL or TLS.	Configuring a Siebel Web Client to Use HTTPS
      Configuring SSL and TLS for communication between Siebel components.	Process of Configuring Secure Communications
      Using SSL or TLS to secure user login credentials.	Implementing Secure Login
      Using SSL to secure communications between Siebel Servers and directory servers.	Configuring Secure Communications for Security Adapters

  • RSA communications encryption. Communication between Siebel components can be encrypted using RSA encryption algorithms. For more information, see Process of Configuring Secure Communications.

    For supported UNIX operating systems, Windows operating systems, or cross-operating system environments, Siebel Business Applications support RSA BSAFE. RSA BSAFE is FIPS 140-1 certified.

  • Microsoft Crypto. For supported Windows operating systems, Siebel Business Applications support Microsoft Crypto. If the Siebel Server and the Web server are installed on the same computer running Microsoft Windows, then you cannot use Microsoft Crypto. You can use it only when these components run on different Microsoft Windows computers. For more information, see Process of Configuring Secure Communications and Types of Encryption.
• X.509 certificates. Siebel Business Applications use the SSL capabilities of supported Web servers to enable authentication based on X.509 client certificates. For more information, see About Digital Certificate Authentication.
• RSA SHA-1 password hashing. Siebel user passwords can be hashed using the RSA SHA-1 algorithm. For more information, see About Password Hashing.
• AES and RC2 data encryption. Siebel data can be encrypted using either Advanced Encryption Standard (AES) or RC2. Multiple key lengths are supported for AES and RC2. Encryption lengths greater than 56-bit RC2 are supported using the Siebel Strong Encryption Pack. For more information, see About Data Encryption.

NOTE:  Siebel Business Applications do not provide direct support for the Security Assertion Markup Language (SAML) standard.