Skip Headers
Siebel CRM Siebel Security Guide
Siebel Innovation Pack 2015
E24814-01
  Go to Documentation Home
Home		 Go To Table Of Contents
Contents		 Go To Index
Index
Previous
Previous 		 Next
Next		     View PDF

Configuring Encryption and Search on Encrypted Data

This topic describes how to use Siebel Tools to enable encryption for a column in a database table and to enable search on the encrypted column.


Note:

For help with encrypting columns in database tables, you must contact your Oracle sales representative for Oracle Advanced Customer Services to request assistance.

You encrypt a column and its data by specifying values for certain parameters of the column in the database table. You can also enable search on the encrypted data by creating an additional column (hash column) that stores the result of applying the RSA SHA-1 algorithm to the plain text value of the encrypted data. Search can be case-sensitive or case-insensitive depending on how you configure search.

The following procedure describes how to encrypt data and, optionally, how to enable search on this data. Before carrying out the procedure, note the following points:

To encrypt a column and enable search on the encrypted column in a database table 

  1. Start Siebel Tools.

  2. Select the column in the database table that contains the data you want to encrypt.

  3. Add values to the following parameters of the column you selected in 2:

    • Computation Expression. Specify the algorithm to encrypt data in the column as follows:

      Siebel Encrypt.AES [ColumnName])

      For information on the Siebel AES encryption options, see "About Data Encryption". To implement AES (recommended), you must use Siebel Strong Encryption. For more information, see "About Siebel Strong Encryption".

    • Encrypt Key Specifier. Specify the column that stores the index number to the key file.

  4. If you want to allow search on encrypted data, then create another column with a name of your choice or with the following name format:

    C_HASH_NAME

    where Name is the name of the column you selected in 2.

    C_HASH_NAME stores the value that results from applying the RSA SHA-1 algorithm to the plain text values of the column you selected in 2.

    The following table lists the syntax for a number of search scenarios.

    Scenario Enter these values
    Encrypt data in column C_SSI using the AES algorithm For Computation Expression, enter: 
    SiebelEncrypt.AES ([C_SSI])

    For Encrypt Key Specifier, specify the column that stores the index key for the key file. For example:

    C_KeyIndex
    To enable case-sensitive search on the data that you encrypt in column C_SSI, you create an additional column C_HASH_SSI Enter the following syntax in the field for the Computation Expression of column C_HASH_SSI: 
    SiebelHash.SHA1 ([C_SSI])
    To enable case-insensitive search on the data that you encrypt in column C_SSI, you create an additional column C_HASH_SSI Enter the following syntax in the field for the Computation Expression of column C_HASH_SSI: 
    SiebelHash.SHA1CI ([C_SSI])

    Now do one of the following:

    • If the column that you have enabled for encryption does not yet contain data, then there are no further steps to perform.

    • If the column that you have enabled for encryption does contain data, then proceed to Step 5.

  5. If the database column that you have enabled for encryption previously contained data, then run the Encryption Upgrade utility (encryptupg.exe) to encrypt the existing data and, if applicable, to create searchable hash values for the data.

    Encrypt existing data immediately after you configure a column for encryption. You can create searchable hash values for the column at a later time if you choose. For information on using the encryptupg.exe utility, see "About Upgrading Data to a Higher Encryption Level".

  Previous
Previous 		 Next
Next
  Go to Documentation Home
Home		 Go To Table Of Contents
Contents		 Go To Index
Index