| Bookshelf Home | Contents | Index | Search | PDF | |
Security Guide for Siebel eBusiness Applications > About Security Resources for Siebel Applications > Siebel Security Architecture >
End-to-End Encryption for Data Confidentiality
Encryption converts data into a ciphered form for transmission over a network. It safeguards data from unauthorized access. Stored data as well as transmitted data must be protected from intrusive techniques (such as sniffer programs) that can capture data and monitor network activity.
End-to-end encryption protects confidentiality along the entire data path: from the client browser, to the Web server, to the Siebel Server, to the database. Figure 2 shows the types of data encryption available in the Siebel environment.
Client Browser to Web Server
Siebel Systems provides zero-footprint Web applications that run in a standard Web browser. When a user accesses a Siebel application, a Web session is established between the browser and the Siebel Server. Secure Sockets Layer (SSL) protects against session hijacking when sensitive data is transmitted. Siebel applications support 128-bit SSL data encryption, an extremely secure level of protection for Internet communications.
Siebel customers can configure which Web pages (known as views) within the Siebel application use SSL. SSL can be configured on a page-by-page basis. For example, some customers use SSL only on the login page to protect the password transmission while other customers apply SSL to an entire application.
Web Server to Siebel Server
Siebel software components communicate over the network using a Siebel TCP/IP-based protocol called SISNAPI (Siebel Internet Session API). Customers have the option to secure SISNAPI using Secure Sockets Layer (SSL) or embedded encryption from RSA or Microsoft Crypto. These technologies allow data to be transmitted securely between the Web server and the Siebel Server with less risk of intrusion.
Siebel Server to Database
For secure transmission between the database and the Siebel Server, data can be encrypted using the proprietary security protocols specific to the database that a customer is using. To provide an additional level of security at this stage, Siebel applications support data encryption through integration with RSA Bsafe Crypto.
Database Storage
Siebel applications allow customers to encrypt sensitive information stored in the database so that it cannot be viewed without access to the Siebel application. Customers can configure Siebel software to encrypt a field of data before it is written to the database and decrypt the same data when it is retrieved. This prevents attempts to view sensitive data directly from the database.
| Bookshelf Home | Contents | Index | Search | PDF | |
Security Guide for Siebel eBusiness Applications Published: 23 June 2003 |
