Sales

Get Involved. Join the Conversation.

Topic

    Adam Liu
    CDM PII encryption/decryption from legacy CIS
    Topic posted February 27, 2019 by Adam LiuSilver Medal: 2,000+ Points, tagged Customer Data Mgmt, Groovy, Import/Export 
    119 Views, 8 Comments
    Title:
    CDM PII encryption/decryption from legacy CIS
    Summary:
    do we support encryption/decryption (e.g. AES, MD5)?
    Content:

    Hi,

    Customer has their own on-prem CIS system.

    We will import their contact data (e.g. first name, last name, SSN, TaxID) to CDM with file import. For PII data, they will give us encrypted value (with AES, SHA, MD5, etc.). Do we have feature to decrypt the data during/after we import it in CDM?

    Also, for on-going data integration, they will send us the encrypted SSN via SOA/OIC. Can we decrypt it before we populate it to CDM?

    I saw we have PGP support in Fusion HCM, ERP. Not sure if we can use it in CDM.

    Thanks,

    Adam

    Version:
    19A

    Comment

     

    • Jonathan Eastwood

      Ive never seen this no. But im far away from an CDM expert but been using OEC/OSC Since R4 and this has never popped up as a question

      • Adam Liu

        Thanks Jonathan.

        For PII data, we want to transmit them in secure way. That's why it's encrypted.

        I can see a few options for data integration.

        1. Perform decryption with crypto on SOA/OIC layer

        2. Leverage PGP, but not sure if this is supported or not in OEC/CDM.

        3. Decrypt the value with Groovy. But Groovy doesn't support AES/MD5.

         

    • abdelali bendaoudi

      Hi Adam

      As I have a similar use case for one of my client, I am interested on what scenario you have implemented for database encryption.

      Regards

      Abdelali

       

      • Adam Liu

        Abdelali,

        Since PGP is not available for OEC/CDM, we use TDE to protect the access on database level.

        We did use OSB (Oracle Service Bus) to encrypt (by using java crypto class) and decrypt PII before we populate PII to CDM via WS.

        Thanks,
        Adam

      • Adam Liu

        Abdelali,

        Since PGP is not available for OEC/CDM, we use TDE to protect the access on database level.

        We did use OSB (Oracle Service Bus) to encrypt (by using java crypto class) and decrypt PII before we populate PII to CDM via WS.

        Thanks,
        Adam

      • Adam Liu

        Abdelali,

        Since PGP is not available for OEC/CDM, we use TDE to protect the access on database level.

        We did use OSB (Oracle Service Bus) to encrypt (by using java crypto class) and decrypt PII before we populate PII to CDM via WS.

        Thanks,
        Adam

        • abdelali bendaoudi

          Hi Adam

          thank you for your reply. Very helpful.

          Would it be possible to share a short architecture schema ?

          Thanks

          Best Regards

          Abdelali