Data Security in vCloud Air
Not being a security expert but more of a data at rest question,are countries where data security is a requirement able to prove that vCloud Air will only leave data in their country of origin and is there a document that states that a workload will reside in 1 datacenter and not move to another one ?
Actually - there is a document that says this... it's in our Data Privacy Addendum- a part of the legal Terms of Service.
2.8 Transfer of Data. You will select the location of Your Content. You consent that we will store Your Content in the location that you choose when you purchase a specific Service Offering. By uploading Your Content into the Service Offering, you may transfer and access Your Content from around the world, including to and from the location in which Your Content is maintained. To the extent you provide Your Content in connection with customer support, you acknowledge and agree that we may handle Your Content in any country in which we or our subcontractors maintain facilities. If you are a customer in the European Union or Switzerland, you acknowledge and agree that the Service Offering storage location you choose for Your Content, and the location in which Your Content is Processed for customer support, may be in countries where the laws do not protect your personal information to the same extent as the laws in your country. We will implement measures to ensure that we provide adequate protection for Your Content that we Process on your behalf. To this end, we will maintain an appropriate safe harbor certification with the US Department of Commerce (or an equivalent data export solution) when you transfer Your Content to us from the European Union or Switzerland. - See more at: https://www.vmware.com/support/vcloud-air/data-privacy-addendum.html#sthash.CBYM8UBm.dpuf
Similar Messages
-
Data security with iPhone sync to First Class over Rogers network
I manage about 20 iPhones over the Rogers network in Southern Ontario. We use them to sync Contact and Calendar info to our First Class email system and to collect email via an IMAP connection to First Class. I've got some users concerned about data security when they sync their calendars and contacts and about the vulnerability of their email. Most of these concerns come from former BlackBerry users who felt their data was encrypted with a BlackBerry and now isn't with the iPhone. Oh ya, I've set up the calendar and contact sync by using instructions my Apple rep gave me. Basically you set up an Exchange account and leave out the domain name and the iPhone syncs with First Class perfectly.
Any thoughts?
ThanksThe iPhone's Mail client supports SSL for the incoming and outgoing mail server, but supporting a connection using SSL depends on the email account provider. If you control this, enable connecting to the incoming and outgoing mail server via SSL and require doing so when accessing the account with the iPhone's Mail client.
I don't know what security is included when connecting to an Exchange server via ActiveSync for over the air syncing for contact info and calendar events, but since this is used by businesses, the connection should be secure. -
How to get the data from mysql database which is being accessed by a PHP application and process the data locally in adobe air application and finally commit the changes back in to mysql database through the PHP application.
If the data is on a remote server (for example, PHP running on a web server, talking to a MySQL server) then you do this in an AIR application the same way you would do it with any Flex application (or ajax application, if you're building your AIR app in HTML/JS).
That's a broad answer, but in fact there are lots of ways to communicate between Flex and PHP. The most common and best in most cases is to use AMFPHP (http://amfphp.org/) or the new ZEND AMF support in the Zend Framework.
This page is a good starting point for learning about Flex and PHP communication:
http://www.adobe.com/devnet/flex/flex_php.html
Also, in Flash Builder 4 they've added a lot of remote-data-connection functionality, including a lot that's designed for PHP. Take a look at the Flash Builder 4 public beta for more on that: http://labs.adobe.com/technologies/flashbuilder4/ -
Data security for multiple data sources
Dear BO guru's,
I am struggling with a brainbraker on authorizations on Universes since quite some time.
I am not a BO guru so hopefully someone can help me with this.
I (more or less) know the concept of data security in BO: users can be restricted on data level in (mainly) two ways:
1) with roles in CMC and with restrictions in Universe Designer.
OR
2) with a DB table that contains all authorized values per user and per field (i.e. John can see data for country UK)
The first is easy to set up, but hard to maintain.
The second is difficult to set up, but very flexible.
Now here is the problem...
Supporse your BO server is connected to different source systems (i.e. an SQL server, an Oracle server...) and you want only one universe to get data from all systems at the same time and display it in one report.
If I am not mistaken, this means we need a data federator.
...My questions:
1) Is there a possibility to do this without a data federator (but still have one universe to build my report or dashboard on)?
2) Where do I keep the table with authorizations for the users? Is that a database of the BO Enterprise server, a seperate data base, or in a table of one of the source systems (SQL, Oracle...)?
As this questions keeps me busy since long time, I would be very grateful to have your help.
It seems hard to find information on this.
Thanks a lot in advance!
UniverseDummy1) Is there a possibility to do this without a data federator (but still have one universe to build my report or dashboard on)?
Apart from the Data Federator, you can either use an ETL tool to load your data into a single Datawarehouse or wait until XI 4.0
2) Where do I keep the table with authorizations for the users? Is that a database of the BO Enterprise server, a seperate data base, or in a table of one of the source systems (SQL, Oracle...)?
If you are going to use the Data Federator then you can create the table in one of your source systems and add it as a data source in your DF project.
Regards,
Stratos -
How do I transfer all my data from an iPad Air wifi 32 GB to a brand new iPad Air 2 64GB?
I received right now a brand new iPad Air2 wifi 64 GB. How do I transfer ALL MY DATA from another iPad Air wifi 32 GB ?
Back up your old one. I use and prefer iTunes, but back up all the data, etc.
Then unplug it. Plug your new one in and go through the setup steps. When you see the option to set up as new or restore from the backup you just made, choose that and your new iPad will be a near clone of the old one.
http://support.apple.com/en-us/HT2109
has step to step instructions.
If you are going to get rid of your old iPad, read this before you do so, just to make sure you're not inadvertantly selling someone a brick
Selling an iPad
http://support.apple.com/kb/HT5661 -
How do I transfer all my data from an iPad Air 32 GB wifi to a new iPad Air 2 wifi 64 GB?
I received right now a brand new iPad Air wifi 64 GB.
How do I transfer all my data from an iPad Air wifi 32 GB, with no more space in iCloud?
Thanks a lot.iOS- Transferring information from your current iPhone/iPad/iPod touch to a new device
Transfer content from an iPhone, iPad, or iPod touch to a new device
iTunes Store- Transferring purchases from your iOS device or iPod to a computer
How to re-download purchased apps from the App Store -
I have not been able to back up for2 days. Time machine error message: /Volumes/Data/David’s MacBook Air.sparsebundle” is already in use.
What now?
Macbook Air.
Was working fine for the past year until now.See more like this on the right.. this is the most common error reported here since mountain lion came out..
Or read C12.. http://pondini.org/TM/Troubleshooting.html
Or just restart the whole network.. in right order from off.. modem.. router / TC.. clients 2min gap. -
How do i transfer my data from a Macbook Air to a iMac?
How do i transfer my data from a Macbook Air to a iMac?
Transfer from Old to New
http://web.me.com/pondini/AppleTips/Setup.html -
OBIEE-EBS data security integration
Hi all,
I am trying to implement the HR-Org based data security in EBS-OBIEE integration.
After creating the initialization blocks EBS Single Sign-on Integration,Get Oracle EBS Security Context,Group-EBS Responsibility I have created a new initialization block HR Organizations to populate the session variable "HR_ORG" and I am using the following the query.
Even though the session variables GROUP and USER are getting their values correctly and integration works fine, the variable HR_ORG says "has no value definition".
[nQSError: 10058] A general error has occurred. [nQSError: 23006] The session variable, NQ_SESSION.HR_ORG, has no value definition. (HY000)
SQL Issued: SELECT "Per Business Groups"."Business Group Id", VALUEOF(NQ_SESSION.HR_ORG) FROM HR
Please help me for implementing the data security after the EBS-OBIEE integration..
For populating HR_ORG variable by row wise initialization:
SELECT DISTINCT 'HR_ORG',TO_CHAR(SEC_DET.ORGANIZATION_ID)
FROM
SELECT
'HR_ORG', ASG.ORGANIZATION_ID
FROM
FND_USER_RESP_GROUPS URP
,FND_USER USR
,PER_SECURITY_PROFILES PSEC
,PER_PERSON_LIST PER
,PER_ALL_ASSIGNMENTS_F ASG
WHERE
URP.START_DATE < TRUNC(SYSDATE)
AND (CASE WHEN URP.END_DATE IS NULL THEN TRUNC(SYSDATE) ELSE TO_DATE(URP.END_DATE) END) >= TRUNC(SYSDATE)
AND USR.USER_NAME = ':USER'
AND USR.USER_ID = URP.USER_ID
AND TRUNC(SYSDATE)
BETWEEN URP.START_DATE AND NVL(URP.END_DATE, HR_GENERAL.END_OF_TIME)
AND PSEC.SECURITY_PROFILE_ID = FND_PROFILE.VALUE_SPECIFIC('PER_SECURITY_PROFILE_ID', URP.USER_ID, URP.RESPONSIBILITY_ID, URP.RESPONSIBILITY_APPLICATION_ID)
AND PER.SECURITY_PROFILE_ID = PSEC.SECURITY_PROFILE_ID
AND PER.PERSON_ID = ASG.PERSON_ID
AND TRUNC(SYSDATE) BETWEEN ASG.EFFECTIVE_START_DATE AND ASG.EFFECTIVE_END_DATE
AND URP.RESPONSIBILITY_ID = DECODE(FND_GLOBAL.RESP_ID,
-1, URP.RESPONSIBILITY_ID,
NULL, URP.RESPONSIBILITY_ID,
FND_GLOBAL.RESP_ID)
UNION
SELECT DISTINCT 'HR_ORG',
ORGANIZATION_ID
FROM PER_ALL_ASSIGNMENTS_F ASG,
FND_USER USR
WHERE ASG.PERSON_ID = USR.EMPLOYEE_ID
AND USR.USER_NAME = ':USER'
AND TRUNC(SYSDATE) BETWEEN ASG.EFFECTIVE_START_DATE AND ASG.EFFECTIVE_END_DATE
AND ASG.PRIMARY_FLAG = 'Y'
) SEC_DET
Thx!Duplicate post see Re: obiee-ebs data security integration
-
Data security (Data from SAP BW) for AD users
Hi All,
I have a scenario.
BO env : Business Objects 3.1 Sp3
Sap Integration kit Sp3
My target is to implement AD SSO & also provide data security for data from SAP BW. Currently there are no roles & authorization defined in the sap System. My plan was
Step 1:- Implement AD SSO in Business Objects
Step 2: Map the AD users in SAP system
Step 3:- Crate roles in SAP System
Step 4:- Assign the users roles
Steps 5:- (Not sure) :- Map the users (Now in SAP) to BO & then aliases them with the users from AD.
Pleas let me know if this would be correct approach... if not please suggest.... I am kind of new to SAP BO integration with experience in BO adminStep 1: Setup Windows AD SSO on your BOBJ server
Step 2: Import Windows AD groups in BO
Step 2- Setup Server-side SNC between BO and your SAP system
Step 3:- Create roles in SAP System and import them in BO
Step 4:- Assign SAP users the created roles
Step 5: - In the CMC create SAP aliases for your Windows AD accounts
Step 6: - Setup your reports and/or universe connections to use SSO.
For more information on server side SNC check the installation guide of the integration Kit.
Regards,
Stratos -
Using Data Security under Functional Developer / User Manager
Has anyone succesfully carried out any Data Security policies in Oracle Apps. I would like to get details on this.
Thanks in advance.Actually the other scripts on the http://www.petefinnigan.com/tools.htm site seem to do the trick where you can check for who has DBA and who has SELECT ANY TABLE.
The next questions is .... what other privs should I be concerned with? Just want to make sure I am checking for all possibilities of access to a particular object. -
In my MDB file databases (Jet 4.x format) I turn on both compression and encryption. This gives me data security from without, meaning, I can't open a MDB file in a Word Processing software (or otherwise) and read the data in a humanly recognized
format. But I am also using MIMEbase64 encoding of my stored data so that the data is humanly unreadable from within - meaning that anyone performing an SQL query will not be able to humanly read the data in my database. I do the decoding
(from MIMEbase64) within my end-user software interfaces to the databases.
I found out just recently (last few months) that I can do this from Win32 Perl, so I encorporated this feature into my Perl database applications. Only thing is that MIMEbase64 increases the size of the data stored.
Is there a better encoding strategy available today which might actually compress the data a little?INSTRUCTIONS FOR SECURE/CUSTOM (non-formula based) TEXTFILE ENCODING (should be undecipherable w/o mappings file):
by Eric C. Hansen. You may freely use these encoding instructions, and the code I have provided, but please
acknowledge me as the author where credit is due - such as in a publication. And do not try to sell it.
However, any code I have provided you may freely use in any programs you write to be sold for your own profit,
except you may not attempt to sell this encoding scheme (or my code provided), as a generic encoding tool, for
general use, to be marketed as a turn-key custom encoding solution.
(1) Create a unique code list
Using the characters: A-Z a-z 0-9 only. That's 62 characters only.
62 (1 char codes) + 3844 (2 char codes) + 238,328 (3 char codes) = 242,234 total codes
62x1 + 62x62 + 62x62x62
REMINDS ME of my college Genetics course i.e. dominant/recessive trait inheritance tables
EXAMPLE CODES: a, k, 3c, A4, xy1, H8j
(2) Create a unique word(+punc) list from your textfile which is to be encoded. You know how to do this.
Example of 9 words(+punc) found between whitespace within a textfile input line:
"Hello", this is Mr. Bell-va-deer. My number is 999-342-8998.
1 2 3 4 5 6 7 8 9
PERL code for STEPS 3-7 is provided below. Code for STEP 1 above was previously provided.
You should have little trouble writing the textfile encode/decode logic yourself.
(3) Read your list of unique codes into an array.
(4) Read your list of unique words(+punc) into another array.
LOOP #-- 0 to number of elements in words array
(5) select a random code and a random word(+punc) from the 2 arrays.
(6) now remove that code and that word(+punc) from each array using "splice".
(7) then save them as key/val pairs to persistent Perl SDBM database files ("mappings").
END LOOP
(8) Once you have your persistent, random code/word mappings, you can convert your textfile
to an encoded textfile. Read in one line at a time from your textfile (chomp), parse the words(+punc.)
between whitespace within that line, then for each word(+punc) parsed, perform
the word-to-code mapping conversions by doing a lookup within the Perl SDBM database
file of key/val pairs, where KEY=word and VAL=code. You will then need to
concatenate these codes (space delimited) to your outputline, in the same order as found in your
inputline, finally writing the outputline (newline "\n" terminated) to your new encoded textfile.
(9) Keep your persistent Perl SDBM database file ("mappings") in SAFE KEEPING, with a naming
convention of your choice that perhaps hides any relationship to the name of
your encoded text document - which it specifically pertains to. But keep a record of that joint
relationship somewhere. Keep a copy of both the original textfile and the encoded textfile,
or perhaps you'd like to keep just the encoded textfile?, and not the original? You can always decode it.
(10) Send your encoded text document via email as an attachment, to the recipient of your choice.
(11) Upload your persistent Perl SDBM database "mappings" file to your secure login FTP download site.
NOTE: If your encoded text document is very large, you may want to reverse 10 & 11, putting the encoded file
on the FTP site, and sending the Perl SDBM database file ("mappings") as the email attachment.
(12) Call your recipient to see if they have received the encoded textfile, email attachment.
Let them know that the "mappings" file is uploaded for them to download from the FTP site.
You can have a LINGO you both use/know on the phone, to secretly convey this message, if you like,
to avoid possible interception of this sensitive information.
Recipient will then take the encoded textfile email attachment, the FTP downloaded "mappings" file,
and place them both in a directory on their PC where the Perl decoding program is located which you
had previously sent them to handle all the decoding anytime you send them an encoded textfile + "mappings".
Recipient will run the Perl decoding utility program to create the original textfile.
use Win32; #-- as you can see, I use a Windows O/S Perl distribution.
use IO::Handle;
use SDBM_File; #-- my understanding is this module comes standard with every Perl distribution
use Fcntl;
$PWD=Win32::GetCwd(); #-- get current working directory on Windows O/S platform.
srand; #-- random seeding initiated, do this just once at top.
@codesARR=(); @wordsARR=(); #-- initialize the arrays
print "working. please wait...\n\n";
unlink( "$PWD\\Project_0836_Mappings_CtoW.pag" )
if (-e "$PWD\\Project_0836_Mappings_CtoW.pag" );
unlink( "$PWD\\Project_0836_Mappings_CtoW.dir" )
if (-e "$PWD\\Project_0836_Mappings_CtoW.dir" );
unlink( "$PWD\\Project_0836_Mappings_WtoC.pag" )
if (-e "$PWD\\Project_0836_Mappings_WtoC.pag" );
unlink( "$PWD\\Project_0836_Mappings_WtoC.dir" )
if (-e "$PWD\\Project_0836_Mappings_WtoC.dir" );
unlink( "$PWD\\Project_0836_Mappings.txt" )
if (-e "$PWD\\Project_0836_Mappings.txt" );
$cnt1=0; $ret="Y";
open(CODES,"$PWD\\codes.txt") || do {$ret="N";};
if ($ret eq "N") {
print "Codes input file not opened \n";
sleep 5; die;
while (<CODES>) {
chomp $_;
$codesARR[$cnt1]=$_;
$cnt1++;
print $cnt1 . " codes loaded\n\n";
close(CODES);
$cnt2=0; $ret="Y";
open(WORDS,"$PWD\\words.txt") || do {$ret="N";};
if ($ret eq "N") {
print "Words input file not opened \n";
sleep 5; die;
while (<WORDS>) {
chomp $_;
$wordsARR[$cnt2]=$_;
$cnt2++;
print $cnt2 . " words loaded\n\n";
close(WORDS);
sleep 3; #-- a little time to check on record counts loaded to both arrays
tie( %Project_0836_Mappings_WtoC, "SDBM_File", '.\Project_0836_Mappings_WtoC', O_RDWR|O_CREAT, 0666 );
if (tied %Project_0836_Mappings_WtoC) {
print "WtoC Hash/SDBM File are now tied\n\n";
} else {
print "Could not tie WtoC Hash/SDBM File\n\n"; sleep 5; die;
tie( %Project_0836_Mappings_CtoW, "SDBM_File", '.\Project_0836_Mappings_CtoW', O_RDWR|O_CREAT, 0666 );
if (tied %Project_0836_Mappings_CtoW) {
print "CtoW Hash/SDBM File are now tied\n\n";
} else {
untie(%Project_0836_Mappings_WtoC); #-- close the successful tie made directly above
print "Could not tie CtoW Hash/SDBM File\n\n"; sleep 5; die;
open (OUT,"> $PWD\\Project_0836_Mappings.txt");
OUT->autoflush(1);
$cnt2=$#wordsARR; #-- we do this because we will be removing elements from wordsARR
for ($i=0; $i<=$cnt2; $i++) {
$index = rand @codesARR; # get a random index from the codes array
$code = $codesARR[$index]; # get the value of that array element
splice(@codesARR,$index,1); # removes only this element from the codes array.
$index = rand @wordsARR; # get a random index from the words array
$word = $wordsARR[$index]; # get the value of that array element
splice(@wordsARR,$index,1); # removes only this element from the words array.
$Project_0836_Mappings_WtoC{$word}=$code; # key/value pair where: word is key, code is value
$Project_0836_Mappings_CtoW{$code}=$word; # key/value pair where: code is key, word is value
print "Your Mappings have been created and saved to (.dir and .pag extension files)\n\n";
print OUT "Here are your Mappings you just created:\n\n";
foreach $key (keys %Project_0836_Mappings_WtoC) {
print OUT "word=" . $key . " code=" . $Project_0836_Mappings_WtoC{$key} . "\n";
print OUT "##################################################\n";
foreach $key (keys %Project_0836_Mappings_CtoW) {
print OUT "code=" . $key . " word=" . $Project_0836_Mappings_CtoW{$key} . "\n";
untie(%Project_0836_Mappings_WtoC); #-- now you have saved a persistent word/code mappings file
untie(%Project_0836_Mappings_CtoW); #-- now you have saved a persistent code/word mappings file
close(OUT);
print "Done. Goodbye!\n";
sleep 5;
exit; -
Payment Card Industry Data Security Standards Requirement
We store credit card numbers in our CRM and ERP systems for billing
purposes. We use Delego software for credit card security. We also mask
the credit card numbers during display.
According to our interpretation of section 3 of the Payment Card
Industry (PCI) Data Security Standards, we understand that we can
retain cardholder data only as long as needed for business, legal,
and/or regulatory purposes. According to our compliance policy that
period is 3 years.
Hence we wish to replace all card numbers older than 3 years with dummy
card numbers. Since this requirement is mandated by the PCI-DSS, we
believe SAP should be supplying us means to accomplish this. Are there any programs delivered by SAP to modify card numbers? Has anybody come across such a requirement?Hi Gina,
Did you find good information about PCI-DSS compliance topics with SAP from this forum? In particular we are looking at options to comply with requirement 11, File Integrity Monitoring.
We would appreciate any guidance.
Thank you, TMM -
Problem due to Ironport Data Security feature
We are using S160 (version 6.0.1-006) in forward mode and as soon as we enable Ironport Data Security feature the WSA stops responding after some time for few minutes and then starts processing http requests. This happens after every 5-10 mins. and ultimately we have to disable the Data security feature. Once the feature is disabled the WSA works smoothly. Please help......
Hi,
If you haven't already, I suggest opening a ticket with customer support.
Jennie -
Oracle BI (Siebel Analytics) / Data Warehouse Data Security
Hello,
We are implementing Oracle Siebel Analytics and Custom datawarehousing using Oracle 9i DB. I am interested to know if we can implement consistent data security model for different data marts. Means with one single data warehouse, I want to implement data security model or policies in one place and they are applied consistently across all of the datamarts.
1. Can we or oracle support this kind of secinerio.
2. If yes, what would be perfect model an example will be helpful, and if not what best approach is available to resolve this security model.
Any suggestion or help would be great.
Regards
GirishHi, Do you also get some other packages names that the error msg reports like ...
RPE-01012 Cannot deploy PL/SQL maps to the target schema because it is not owned by the Control Center and "SOME WRT.... package names" I think once did I face this and made sure that the repository user has some packages granted through OWBREPOS_OWNER/OWB_REPOS_OWNER to the user you are using to run the mapping.
Regards,
Mohammad Farhan Alam
Maybe you are looking for
-
FTP Adapter - Dynamic JCA properties.
Hi All, I have a requirement to dynamically assign few jca properties in FTP Adapter as listed below, FileName JNDI name PhysicalDirectory AchiveDirectory DeleteFile UseRemoteArchive Out of these, i am able to dynamically set the values for Source/Ta
-
Need help getting a code for photoshop
I have had Adobe Photo Album Starter Edition 3.2 on my computer sinse 2007. and it has been registered . but every once in awhile it would say it is not registered but it still let me look at my pictures so i didnt worry about it. now it is doing it
-
How to take other music and photo from a librery different from the first ipod was sync?
how to take othe music and photo from different librey than the first used, without loose the photo and music alredy stock in ipod ?
-
Should i still go to the apple bar?
i droped my iphone 5 in a smalll puddle of water that was left in the tub it was in there for about a second it worked fine after but i turned it off and let it stay in rice
-
I would like an immediate reaccredit of my account after buying an app that do not work, iWeb Theme Designs, v1.0, Éditeur : Vitalijus Vysniauskas (4 ).. this app is not compatible with iweb french