Siebel Security Hardening Guide > Securing the Network and Infrastructure >

Securing the Siebel Reports Environment

Siebel Business Applications use Oracle Business Intelligence Publisher (Oracle BI Publisher) to generate Siebel reports. In a disconnected Siebel Reports environment, user authentication mechanisms are not required.

In the Siebel Reports connected environment, Oracle BI Publisher is installed separately from Siebel Business Applications and access to the BI Publisher Server is authenticated. To authenticate user access to the BI Publisher Server in a Siebel Reports connected environment, you can implement one of the following:

• Siebel Security Model. This model provides authentication using the EAI Application Object Manager.
• LDAP security model. This model provides authentication against a directory.

For information on these authentication options, see Siebel Reports Guide.

A Siebel Reports environment involves communications between two separate systems: Siebel Business Applications and Oracle BI Publisher. To prevent interception of data, secure the communications between Siebel Business Applications and Oracle BI Publisher using SSL. For information on configuring SSL, see Siebel Security Guide and the Oracle BI Publisher documentation on Oracle Technology Network.

Guidelines for Providing Additional Security for Oracle BI Publisher

To provide additional security for Oracle BI Publisher, the following steps are also recommended:

• Change default ports to nonstandard ports. As with other components, the Oracle BI Publisher installation is configured to run on a default set of ports.
• Implement operating system-level encryption to dynamically encrypt Oracle BI Publisher configuration files. Encrypting the configuration files protects them from being read by every user who has access to the BI Publisher Server.