An important element of security is confidentiality. Confidentiality ensures privacy by encrypting sensitive information. Various forms of encryption include data, network session, and file-based encryption. Encryption may be weak or strong, and can be based on any number of private or public encryption schemes. For a detailed description of WebFOCUS encryption features, see WebFOCUS Encryption Features.

WebFOCUS has its own encryption algorithms and also supports industry standard encryption algorithms. Passwords are always encrypted. WebFOCUS cookies and WebFOCUS Script (wfs) files can be encrypted. Procedures and Master Files can also be encrypted.

Secure Sockets Layer (SSL). One of the most common means to protect both the confidentiality and data integrity of Internet-based transmissions is the Secure Sockets Layer (SSL) protocol. This is a feature based on the RSA encryption algorithm available in both 40-bit and 128-bit implementations. SSL is considered secure because the amount of time and CPU resources required for decryption makes the information safe for a long period of time. The algorithm is designed in such a way that if any data is altered, it will fail its data integrity check upon receipt. For information about configuring SSL, see Configuring WebFOCUS in an SSL Environment.

DES and Triple DES Encryption. These optional encryption providers use Sun Java Cryptography Extension (JCE) library and are supported only with the Java Servlet (WFServlet) implementation of the WebFOCUS Client. The Triple DES providers use the stronger Cypher Block Chaining (CBC) mode option. You can specify an external encryption key for both provider types. These providers override the encryption class used to protect WebFOCUS cookies, Managed Reporting passwords, Business Intelligence Dashboard public passwords, and WebFOCUS Reporting Server user IDs and passwords. For information about configuring DES or Triple DES encryption, see WebFOCUS Encryption.

WebFOCUS Servlet Alternate Encryption Exit. The WebFOCUS Servlet Alternate Encryption exit allows developers to invoke an alternate algorithm for encrypting and decrypting WebFOCUS cookies and Managed Reporting passwords in the basedir/user.htm file, replacing the WebFOCUS internal cookie algorithm. This exit is only supported for the Servlet implementation of the WebFOCUS Client.

WFS File Encryption. Among the WebFOCUS configuration files are several WebFOCUS Script (WFS) files, which may be protected using the ENCRYPT command. Some script files can be encrypted by checking the ENCRYPT check box in the WebFOCUS Administration Console. When files are encrypted, they are secure from unauthorized examination. You can decrypt an encrypted file to view it.