How To Add Attribute-Level Encryption
Assume that you have added an attribute-level encryption to a CA IdentityMinder directory. CA IdentityMinder automatically encrypts existing clear text attribute values when you save the object which is associated with the attribute. For example, encrypting the password attribute encrypts the password when it saves the profile of the user.
Note: To encrypt the attribute value, the task that you use to save the object must include the attribute. To encrypt the password attribute in the previous example, make sure that the password field is added to the task you use to save the object, such as the Modify User task.
All new objects are created with encrypted values in the user store.
Follow these steps:
Persists the attribute value in an encrypted form in the user store.
Hides the attribute value in CA IdentityMinder screens. For example, a password is displayed as asterisks (*).
For example:
<ImsManagedObjectAttr physicalname="salary" displayname="Salary" description="salary" valuetype="String" required="false" multivalued="false" maxlength="0" searchable="false"> <DataClassification name="AttributeLevelEncrypt"/> <DataClassification name="sensitive"/>
Note: For more information about the Bulk Loader, see the Administration Guide.
|
Copyright © 2013 CA.
All rights reserved.
|
|