Encrypting Columns in a Business Component

The following example procedure shows you how to create a new encrypted field/column named Password for the Account business component. Note the following requirements:

• The encrypted column must be larger than the largest value you want to encrypt. That is, (4x +10) times larger where x is the longest password allowed. If you allow a 20 character password, then you need 90 characters (4*20+10) for the encrypted field/column.

• For encryption to work, a minimum of two columns are required as follows:

  • The column that you want to encrypt (in the following example, this is PASSWORD).

  • A second column, which stores the Encryption Key Specifier, or the index number to the key file (PASSWORD_ENCRYPKEY_REF).

To encrypt a column in the Account BusComp 

1. Locate the base table where data is stored for the Account BusComp.

   Since Account BusComp is an S_PARTY BusComp, use the Inner Join Extension Table 1 (S_ORG_EXT).

2. Navigate to S_ORG_EXT and extend it to include the following new columns:

   1. PASSWORD_ENCRYPKEY_REF. This column stores information about the key file that is used to encrypt the password field (of size VARCHAR(30)).

   2. PASSWORD. This column stores the encrypted password and contains the following attributes:

      • The VARCHAR size must be (4x +10) times larger than the longest possible password.

      • The Computation Expression is SiebelEncrypt.AES([PASSWORD]).

      • The Encrypt Key Specifier is PASSWORD_ENCRPKEY_REF.

   3. C_HASH_PASSWORD (Optional). This column allows case-sensitive searches against the encrypted column:

      • The VARCHAR must be the same size as PASSWORD.

      • Set the Computation Expression to SiebelHash.SHA1 ([C_PASSWORD]).

   4. C_HASH_PASSWORD_CI (Optional). This column allows case-insensitive searches against the encrypted column:

      • The VARCHAR must be the same size as PASSWORD.

      • Set the Computation Expression to SiebelHash.SHA1CI ([C_PASSWORD]).

3. Return to the Account Business Component and add new fields based on the columns created in Step 0

4. To partially show a field in the UI (for example, to show a partial credit card number as xxxxxxxxxxx1234), perform the following configuration steps:

   1. Create a new field named "Field Name - Display".

   2. Mark it as a Calculated Field with no Calculated Value attribute.

   3. Create the following Field User Properties for the calculated field.

      • Encrypt Source Field. The name of the field that stores the actual encrypted field (for example: "Password").

      • Display Mask Char. The character to be used to mask part of the encrypted string (for example: "x").

   4. Add the calculated field to the appropriate applets.