Bookshelf Home | Contents | Index | PDF     

Siebel Security Guide > Communications and Data Encryption > Types of Encryption >

Data Encryption

To make sure that information remains private, Siebel Business Applications support the use of the following encryption technologies for storing data:

  • AES database encryption. Siebel Business Applications allow customers to encrypt sensitive information stored in the Siebel database (for example, credit card numbers, Social Security numbers, birth dates, and so on) so that it cannot be viewed without access to the Siebel application.

    Customers can configure Siebel Business Applications to encrypt a column's data before it is written to the database and decrypt the same data when it is retrieved. This encryption prevents attempts to view sensitive data directly from the database. Sensitive data can be encrypted by using AES encryption at various key lengths. Encryption can be enabled using Siebel Tools. For more information, see About Data Encryption.

    NOTE:  Implement AES encryption using Siebel Strong Encryption for increased data security.

    Siebel Business Applications also use AES encryption to encrypt passwords stored in the siebns.dat file. The siebns.dat file stores information required by the Siebel Gateway Name Server. For more information about encrypted passwords in the siebns.dat file, see About Encryption of Gateway Name Server Password Parameters.

  • RC4 encryption. Siebel Business Applications use RC4 encryption to encrypt passwords stored in the Auto-Login Credential Cookie. For more information about the Auto-Login Credential Cookie, see Auto-Login Credential Cookie.
  • RSA SHA-1 password hashing. Siebel administrators can enable password hashing for user passwords or for database credentials. Hashing uses a one-way hashing algorithm. The default password hashing method is RSA SHA-1. (The previous mangle algorithm is still available for existing customers.)

    The Siebel administrator password is stored in the Gateway Name Server file, siebns.dat, and is not hashed; passwords in siebns.dat are encrypted using AES encryption.

    Password hashing invalidates the password to unauthorized external applications and prevents direct SQL access to the data by anything other than Siebel Business Applications. For more information, see About Password Hashing.

  • Encryption of the Siebel File System and server disks containing Siebel Business Applications data. It is recommended that you encrypt the Siebel File System and all server disks containing Siebel Business Applications data using third-party products or encryption features provided by your operating system. For information on the encryption technologies available, see the relevant operating system or third-party documentation. For additional information about securing the Siebel File System, see Siebel Security Hardening Guide.
      
Siebel Security Guide Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Legal Notices.