Bookshelf Home | Contents | Index | PDF     

Siebel Security Guide > Communications and Data Encryption > Process of Upgrading Encrypted Data to a Higher Encryption Level >

Modifying the Input File

Before upgrading to a higher encryption level, you must modify the encrypt_colums.inp input file to list every table and column that you want to upgrade. The input file, encrypt_colums.inp, indicates the table and column that store the encrypted data, and the table and column that store the key index.

This task is a step in Process of Upgrading Encrypted Data to a Higher Encryption Level.

The following procedure describes how to modify the input file.

To modify the encrypt_columns.inp file

  1. Navigate to the SIEBEL_ROOT/ dbsrvr/bin directory where the input file is located.

    If you want to execute the Encryption Upgrade Utility from the command line, place this file in the SIEBEL_ROOT/ siebsrvr/bin directory.

  2. Using a text editor, edit the input file to include every column that you want to upgrade.

    The first line of the input file indicates a table name with brackets around it. On subsequent lines following the table name, list all the columns to be upgraded for that table.

    Each column that stores encrypted data requires a table column to store the key index, which is specified after the column name; for example:

    [TABLE_NAME]
    COLUMN_NAME TABLE_NAME_FOR_KEY COLUMN_NAME_FOR_KEY
    WHERE clause

  3. After each table, skip a line, and continue to list the columns for subsequent tables, as shown in the following example:

    [S_ORDER]
    CC_NUMBER S_ORDER CCNUM_ENCRPKEY_REF
    WHERE S.CC_NUMBER='1234567890'

    [S_DOC_ORDER]
    CC_NUMBER S_DOC_ORDER CCNUM_ENCRPKEY_REF
    WHERE S.CC_NUMBER='1231231231'

    [S_PER_PAY_PRFL]
    PAY_ACCNT_NUM S_PER_PAY_PRFL CCNUM_ENCRPKEY_REF
    WHERE S.CC_NUMBER='1231231231'

  4. When you have added information for every table column that you want to upgrade, save the input file.

About Using the Where Clause and Flags in the Input File

On the line following the name of each column to be upgraded, you can optionally specify the WHERE clause, the N flag, and the H flag for the column:

  • Use the WHERE clause if you want to partition the data to encrypt. Every column name that you specify for the WHERE clause must have the letter S added to the start of the column name. If you do not want to partition data, omit the WHERE clause, as in the following example:

    [S_ORDER]
    CC_NUMBER S_ORDER CCNUM_ENCRPKEY_REF
    WHERE

  • To support upgrade of non-encrypted fields to use encryption, add the letter N to the end of the column; for example:

    [S_NEW_TABLE]
    COLUMN_NAME S_NEW_TABLE NAME_KEY_INDEX
    N

  • If you want to enable search on the upgraded encrypted column, add the letter H to the end of the column; for example:

    [S_NEW_TABLE]
    COLUMN_NAME S_NEW_TABLE NAME_KEY_INDEX
    H

    This creates a hash column that stores the output, which results from applying the RSA SHA-1 algorithm to the plain text values of the encrypted column.

    If you want to enable search on an existing encrypted column, add the following entry in the input file to create a column which stores the hash value of the plain text in the encrypted column:

    [S_TABLE_NAME]
    COLUMN_NAME S_TABLE_NAME COLUMN_NAME_ENCRPKEY_REF
    H
    WHERE S.ROW_ID='123123'

    This creates a hash column that stores the output, which results from applying the RSA SHA-1 algorithm to the plaintext values of the encrypted column.

For more information about search on encrypted data, see Configuring Encryption and Search on Encrypted Data.

    
Siebel Security Guide Copyright © 2011, Oracle and/or its affiliates. All rights reserved. Legal Notices.