Bookshelf Home | Contents | Index | Search | PDF

Security Guide for Siebel eBusiness Applications > Communications and Data Encryption >

Types of Encryption

---

Encryption is a method of encoding data for security purposes.

Some methods of encrypting, such as 128-bit encryption, are so difficult to break that U.S. export laws permit them to be used only within the United States. To avoid legal restrictions, Siebel Systems does not embed any encryption technology in its products. Instead, Siebel applications support industry standards for secure Web communications and encryption of sensitive data such as passwords.

To make sure that information remains private, the Siebel Smart Web Architecture uses the following encryption technology for transmitting and storing data:

SSL for Web client connections. For data security over the Internet, Siebel applications use the Secure Sockets Layer (SSL) capabilities of its supported Web server platforms to secure transmission of data between the Web browser and the Web server.

Siebel applications can be configured to run completely under HTTPS, have specific pages run under HTTPS, or simply handle login requests under HTTPS.

SSL for connection to LDAP/ADS. Secure Sockets Layer (SSL) can be used for connection to LDAP/ADS directories.

NOTE:  With SSL enabled between the Siebel Server and the LDAP directory, only Sun ONE Directory Server has been completely tested by Siebel Systems. IBM Directory Server and Novell NDS eDirectory have not been tested with SSL. Siebel Systems cannot certify that SSL connectivity to these directories will work correctly.

Encryption for SISNAPI connections (SSL, Microsoft Crypto, or RSA). For communications between Siebel components, Siebel administrators can enable encryption for SISNAPI (Siebel Internet Session API). SISNAPI is a TCP/IP-based Siebel communications protocol that provides a security and compression mechanism for network communications.

SISNAPI encryption can be based on Secure Sockets Layer (SSL) or on Microsoft Crypto API or RSA algorithms, and works across multiple operating system platforms.

SSL also supports certificate authentication between the Web server and the Siebel Server, or between Siebel Servers.

Database encryption. Siebel applications allow customers to encrypt sensitive information stored in the Siebel Database (for example, credit card numbers, Social Security numbers, birth dates, and so on) so that it cannot be viewed without access to the Siebel application.

Customers can configure Siebel software to encrypt field data before it is written to the database and decrypt the same data when it is retrieved. This prevents attempts to view sensitive data directly from the database.

Sensitive data can be encrypted using the RC2 Encryptor. RC2 encryption can be enabled for business component fields using Siebel Tools. For more information, see Business Component Encryption and RC2 Encryption Administration.

Password encryption. Siebel administrators can also enable password and credentials encryption. This invalidates the user ID and password to unauthorized external applications and prevents direct SQL access to the data by anything other than Siebel eBusiness Applications. For more information, see Password Encryption.

Figure 6 shows the types of encryption available in the Siebel application environment.

Figure 6.  Communications Encryption in the Siebel Application Environment

Bookshelf Home | Contents | Index | Search | PDF