Best answer to encryption of client data

Similar Messages

• How to get the client date and time ?

  Dear Sirs...
  Using jdeveloper 10.1.2.0
  How can i get the client date and time using the HttpServletRequest ?
  thanks for any help in advance
  best regards

  If your code is running on the client pc you can just create a new instance of the java.util.Date class. That class automatically defaults to the current time of the client machine. Otherwise if you're running the code on the server, you could insert/post the client date/time by adding its string representation as a parameter to the HTTP request object.
  Ronald

• Using RSA to encrypt query string data

  If I want to use RSA to encrypt query string data, what is the industry standards for such a thing? I understand how the RSA works. Based upon that alone, I would just need to get the public key. However, I understand that it is safer to use a PKI to obtain that public key?
  Can someone tell me what is "best practice" for such a thing?

  If the third-party-site supports https:, you do NOT have to encrypt anything yourself. That's what https is for - the communication between the user-agent and the server is encrypted as part of the protocol, and all the complicated parts of insuring a secure channel are handled for you.
  If the secure site does not support htpps, then you can't use it. Which begs the question of why you are trying to do secure communication via HTTP POST with an insecure site.
  To clarify, so we're sure we're talking about the same scenario - there's your server (A), which generates pages for a user-agent (B), which pages point to a third-party site (C). Are you trying to protect your data from eavesdroppers? Or are you trying to hide it from B?
  In the first case, you have two options.
  1) If both A and C supports https, then all you need to do is build pages with https: URLs pointing at C, and you're done. B hits A using https: URLs, it gets pages back that point to C using https URLs, lots of crypto-magic happens under the covers without you haveing to worry about it, and your data is protected.
  2) If A and/or C do NOT support https, then you have to figure out how to encrypt communications between A and C. This is a private channel - we won't be able to help you much, because we don't know what C is expecting. Whatever C's protocol is, and whatever its key is, is what you'll need to implement in A, in order to talk to C.
  (If you're actually trying to hide data from B, while sticking it into a page that B has to render - ew. Just...ew. It's wrong on enough levels that I don't think I can adequately describe them all.)
  You asked about best-practices - 1) is it. 2) is not. Don't do that. No offense, but specially given your level of understanding of How Crypto Works, whatever you come up with is really really REALLY likely to be horribly flawed in a way that you won't see.
  Crypto is both easier and harder than you think it is. Your best bet is to use the standards that the community has hammered out - your data is much, much safer that way.
  Grant

• Migrate client data from Notes to Exchange 2010

  Hello!
  We have no administrator access to Lotus Notes server and therefore we want to perform the client data (mails and contacts) migration. We need to move the mails
  from Notes (8.5) to Outlook (2010 or older which will be connected to Exchange 2010).
  Question: is it possible to do it without purchasing additional migration software? If yes, then what is the best way to accomplish this?
  Thanks!

  DAMO 8.0.2 supports Outlook 2007
  It is available in two places:
  (1) The IBM Passport Advantage Website.
  (2) Located on the Lotus Notes "All Clients" CD in the Apps folder.
  Is there an 8 release of Domino Access for Microsoft Outlook?
  https://www-304.ibm.com/support/docview.wss?dc=DB520&rs=3025&uid=swg21265830&context=SSPQ69&cs=UTF-8&lang=en&loc=en_US&rss=ct3025lotus
  MCTS: Messaging | MCSE: S+M

• Best practise in SAP BW master data management and transport

  Hi sap bw gurus,
  I like to know what is the best practise in sap bw master data transport. For example, if I updated my attributes in development, what are the 'required only' bw objects should I transport?
  Appreciate advice.
  Thank you,
  Eric

  Hi Vishnu,
  Thanks for the reply but that answer may be suitable if I'm implementing a new BW system. What I'm looking for is more on daily operational maintenance and transport (a BW systems that has gone live awhile).
  Regards,
  Eric

• What is the best way to kill/stop a data load?

  Hi.
  What is the best way to kill/stop a data load?
  I have a data load from my QA R/3 system that is extracting 115.000.000+ records. The problem is that the selection in the function module used in the data source does not work, and the problem was not detected because of the nature of the data on the development system.
  I could kill processes owned by my background user (on both R/3 and BW) but I risk killing other loads, and sometimes the job seems to restart if I just try to kill processes. If I remove transactional RFCs in SM58 the load does not terminate; I only skip one or more datapackages. I have also tried to change the QM-status in the monitor to red, but that does not stop the load either...
  So isn't there a nice fool-proof way of stopping a dataload?
  Best regards,
  Christian Frier

  Hi,
  There r 2 ways to kill the job.
  One is using transation RSMO locate the job and display the status tab double click on the yellow light that is shown on the line total, a pop will come 'set overall status ' is displayed select the desired status that is red and save it. Then return to the monitor page and select the header tab double ckick on the data target right click and then goto 'manage',there should be request sitting there probably with yellow lights , highlight the line with the faulty request click the delete button then click refresh button.
  Second is goto SM37 and click on the active selection and enter the jobname and then click excute the particulr job should appear highlight the jobname then click on the stop iconthat appears on the taskbar( 3 rd from left)
  hope it is clear.
  Regards-
  Siddhu

• Best way to  back up your data

  Which is the fastest and best way to back up your data in case of any problem ? Still to transfer to an external HD ?
  Thanks

  Hi Ferro;
  Best and simplest way to back up is Time Machine to an external drive.
  I think that any backup plan should alway be to an external drive. If you backup to an internal drive and the Mac fails, what good is your backup then?
  Allan

• Best practice on extending the SIEBEL data model

  Can anyone point me to a reference document or provide from their experience a simple best practice on extending the SIEBEL data model for business unique data? Basically I am looking for some simple rules - based on either use case characteristics (need to sort and filter by, need to update frequently, ...) or data characteristics (transient, changes frequently, ...) to tell me if I should extend the tables, leverage the 'x' tables, or do something else.
  Preferably they would be prescriptive and tell me the limits of the different options from a use perspective.
  Thanks

  Accepting the given that Siebel's vanilla data model will always work best, here are some things to keep in mind if you need to add something to meet a process that the business is unwilling to adapt:
  1) Avoid re-using existing business component fields and table columns that you don't need for their original purpose. This is a dangerous practice that is likely to haunt you at upgrade time, or (worse yet) might be linked to some mysterious out-of-the-box automation that you don't know about because it is hidden in class-specific user properties.
  2) Be aware that X tables add a join to your queries, so if you are mapping one business component field to ATTRIB_01 and adding it to your list applets, you are potentially putting an unnecessary load on your database. X tables are best used for fields that are going to be displayed in only one or two places, so the join would not normally be included in your queries.
  3) Always use a prefix (usually X_ ) to denote extension columns when you do create them.
  4) Don't forget to map EIM extensions to the extension columns you create. You do not want to have to go through a schema change and release cycle just because the business wants you to import some data to your extension column.
  5) Consider whether you need a conversion to populate the new column in existing database records, especially if you are configuring a default value in your extension column.
  6) During upgrades, take the time to re-evalute your need for the extension column, taking into account the inevitable enhancements to the vanilla data model. For example, you may find, as we did, that the new version of the S_ADDR_ORG table had an ADDR_LINE_3 column, and our X_ADDR_ADDR3 column was no longer necessary. (Of course, re-configuring all your business components to use the new vanilla column can also be quite an ordeal.)
  Good luck!
  Jim

• Best practice for Plan and actual data

  Hello, what is the best practice for Plan and actual data?  should they both be in the same app or different?
  Thanks.

  Hi Zack,
  It will be easier for you to maintain the data in a single application. Every application needs to have the category dimension, mandatorily. So, you can use this dimension to maintain the actual and plan data.
  Hope this helps.

• Which the best adapter vga to plug a data show on a macbook pro, mini displayport or thunderbolt?

  which the best adapter vga to plug a data show on a macbook pro, mini displayport or thunderbolt?
  Why?
  Thanks pals.

  Use the Apple Cable Chooser:
  http://store.apple.com/us/browse/home/shop_mac/mac_accessories/cables/cable_choo ser

• Invisible client data MAM30

  hi all,
  we want to use MAM30:
  Backend: ERP 2005
  Middleware: NW2004s (MI 7.0) SP 15
  Client: MI 70 SP 15 Patch 1, DB2e, XMAM30_LAPTOP_SR05
  our problem is, that we cannot see any data in the XMAM30 - application.
  but: with http://localhost:4444/XMAM30_LAPTOP_SR05/start_full.jsp we can see that there are data in the client - database.
  there are orders, notifications , and so on, they seem to be ok.
  090 - usercustomizing has one TOP but no items
  after two days of reading notes and threads we have no idea how to solve this problem
  maybe one of you can help us?
  thanx!
  bernhard
  Edited by: Bernhard Hofer on Jun 20, 2008 7:20 AM

  hi chintan,
  thank you for reply!
  1. Can you see the data when you execute the GETLIST wrapper from your backend?
  yes, we get data ie with MAM30_001_GETLIST ....
  2. Also its necessary to install Db2E before xMAM installation.
  yes, we did install db2 before xmam - using a sequence-number
  3. Can you see the data in your middleware after you sync in merep_mon transaction?
  yes, we see data with merep_mon, there are no errors.
  4. Try restting the client data and sync once again.....
  we did - doesnt help
  we see data in the folder C:\Programme\SAP Mobile Infrastructure\data and we see data with the link
  http://localhost:4444/XMAM30_LAPTOP_SR05/start_full.jsp
  in the client trace we see some actions for "User: (SHARED)" - maybe this is wrong?
  i'm not sure what the right settings in MCD should be ...
  please reply if you have any more ideas, thanx a lot!
  bernhard

• How to display client date in oracle

  Hi All,
  How to display client system date in oracle. When I try to display date & time oracle displays server date and time but I need to display client date & time. How can I achieve that?
  Thank you

  user536769 wrote:
  How to display client system date in oracle. When I try to display date & time oracle displays server date and time but I need to display client date & time. How can I achieve that?As Nicolas says, you can't easily do this.
  The reason is that the SQL engine (and the PL/SQL engine) are processes running on the database server and so they pick up the server date/time. Those processes, running on that server have no knowledge of "client" machines and no way to connect to them. Network security ensures that one machine can't just get onto another machine and access it's operating system without any form of authorisation, hence the only way to achieve this is to have some way for the server to serve a java applet or some such thing to the client and the client user accept that applet to run on their machine and then that applet obtains the relevant details and passes it back to the server.
  Imagine if you wanted to write code on your client machine to go to you colleagues client machine and get the date/time from it, how easy would that be to do without your colleague authorising some part of your software to run on his machine?
  ;)

• Encrypting and Decrypting Data(Its Very Urgent, Please Help.)

  Hi,
  Can anyone tell me some idea in the below mentioned details.
  Iam creating a Function for Encrypting and Decrypting Data Values using
  DBMS_OBFUSCATION_TOOLKIT with UTL_RAW.CAST_TO_RAW by using
  Key Value as normal.
  But the problem, is it possible to have the key value more than 8.
  Its showing me error when i give the key value less than 8 or more than 8.
  Can u tell me why it happens, is that the limit of the key value or is any other way to do that.
  Its Very Urgent, Please Help.
  Thanks,
  Murali.V

  Is this what you're looking for?
  Usage Notes
  If the input data or key given to the DES3DECRYPT procedure is empty, then the procedure raises the error ORA-28231 "Invalid input to Obfuscation toolkit."
  If the input data given to the DES3DECRYPT procedure is not a multiple of 8 bytes, the procedure raises the error ORA-28232 "Invalid input size for Obfuscation toolkit." ORA-28233 is NOT applicable for the DES3DECRYPT function.
  If the key length is missing or is less than 8 bytes, then the procedure raises the error ORA-28234 "Key length too short." Note that if larger keys are used, extra bytes are ignored. So a 9-byte key will not generate an exception.
  C.

• How do you create Client Data Model Definition (cpx) in 10.1.2  struts proj

  I recently upgraded to 10.1.2 and am starting a new project with a BC4J model project and a struts view project, for the life of me I can't see how to create a New Client Data Model Definition in 10g! Searching through the help I couldn't find a clear answer either. Anyone? I must be missing something simple.

  Anyone know what I'm talking about?

• Best Practices to separate voice and Data vlans

  Hello All .
  I am coming to the community to get some advices on a specific subject .
  One of my customer is actually using vlan access-list to isolate it is data  from it is voice vlan traffic .
  As most of us knows VLAN ACLs are very difficult to deploy and manage at an access-port level that is highly mobile. Because of these management issues they have been looking for a replacement solution consisting of firewalls but apparently the price of the solution was too high in the sky .
  Can someone guide me towards security best practices when it comes to data and voice vlan traffic isolation please ?
  thanks
  Regards
  T.

  thomas.fayet wrote:Hi again Collin , May I ask you what type of fw / switches / ios version you are using for this topology ? Also is the media traffic going through your fw if one voice vlan wants to talk to another voice vlan ? rgds
  Access Switches: 3560
  Distro: 4500 or 6500
  FW: ASA5510 or Juniper SSG 140 (phasing out the Junipers)
  It depends. In the drawing above, no voice traffic would leave the voice enclave until it talks to a remote site. If we add other sites to the drawing, at a minimum call-sig would traverse the firewall and depending on the location of the callers, all voice traffic may cross the firewall. All of that depends on how you have your call managers/vm/voice gateways designed and where the callers are.