×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')

 

This documentation supports the 20.08 version of BMC Helix Platform. 
To view an earlier version, select 20.02 from the Product version menu.
BMC Helix Platform 20.08 ... Tailoring applications Creating the definitions for a tailorable Digital Service application Defining record definitions to store and manage data

Encrypting fields

BMC Helix Platform enables you to enter a secure value in a text field by encrypting, hashing, or masking. You can perform this using properties such as Store Encrypted, Store Hashed, or by masking a field value. The advantage of using these properties is that the information entered in the text fields can be stored safely and viewers will not have access to confidential information.

 The difference between these properties is that Store Hashed and Store Encrypted can be enabled at text field level whereas masking cannot be enabled for an individual text field. Also, Store Hashed and masking are one way encrypted and can never be decrypted.

This topic describes the information about providing security to a text field using these options.

Important

  • Application business analysts can customize the objects developed in their own applications and that are marked customizable by the developers, but cannot customize the objects developed in com.bmc.arsys. For example, objects in core BMC applications like Foundation, Approval, and Assignment cannot be customized.
  • You cannot change the field IDs of default record fields.

To encrypt a text field

You can encrypt a text field in a record definition using the Store Encrypted property available in the Record designer. With this property, value of the text field is encrypted on persisting in database but appears as clear text when shown in UISo, important and confidential information is secured. The Store Encrypted property is available only for the text fields.

  1. Log in to BMC Helix Innovation Studio and navigate to the Workspace tab.
  2. Select the application for which you want to encrypt record definition field.
  3. On the Records tab, select the record definition and click the record name.
  4. In the Record designer, select the field name that you want to encrypt.
  5. Click the Settings icon  in the Details pane on the right side. 
  6. In the field details, use the toggle key for the Store Encrypted property as shown in the following image and save the record.

The value of a field with this property set is stored as a encrypted in the database, but is not masked on your application UI.

Important

In Remedy Smart Reporting, an encrypted field value is displayed as decrypted only if you use it as is and not with any operator, for example, concatenation, function, and so on.

Consider an example, where an employee record has the employeeName and salary fields, and the salary field is encrypted. The value of the employeeName field is Ajay, value of the salary field is 10000, and the encrypted field value of the salary field (10000) is 67ghh898989.

  • When you select employeeName, salary from the employee record, you get the values as Ajay, 10000.
  • When you select employeeName + salary, you get the value as Ajay67ghh898989.

To mask a text field

When you need to mask the value for a text field (for example, a password field), you set the Field ID property of the record to 102 or 123. These special field IDs can be used only once per record definition.

  1. Log in to BMC Helix Innovation Studio and navigate to the Workspace tab.
  2. Select the application for which you want to mask record definition field.
  3. On the Records tab, select the record definition and click the record name.
  4. In the Record designer, select the field name for which you want to mask the value.
  5. In the Details pane, navigate to field details section.
  6. In Field ID, enter the value 102 or 123 as shown in the following image:
  7. In the Length field, enter 63.
  8. Save the record.

To verify a text field mask

  1. Create a view.
  2. Create a record instance for the record definition that contains the masked field (for example, a password field).
  3. Preview the view definition.
  4. Enter the value for the field and verify that the masked field value appears in the form of dots or asterisks.

To hash a text field

You can enable Store Hashed property for a newly created or already existing text field in a record definition. You can enable Store Hashed property only for text fields. After enabling this property, if you enter a value in the text field, it appears as dots or asterisks and not as clear text. A store hashed text value can never be decrypted. For a Store Hashed property, the field length should be 30 characters. 

You cannot modify Store Hashed property on a customized and inherited text field. You cannot change it on record definitions like Join and Audit. For these record definitions, the Store Hashed property will always be the same as the one defined for their parent record definitions.

This property is useful when any crucial, highly secured information needs to be entered and stored.

For example, you can add a password or similar authentication parameter for every user. If the text field for the parameter is store hash enabled, the value entered for this parameter always appears as dots and never as a text.

For more information about PIN in Person data form, see Creating or modifying Person data.

  1. Log in to BMC Helix Innovation Studio and navigate to the Workspace tab.
  2. Select the application where you want to create a new record definition.
  3. In a record definition, add a text field or go to any existing text field.
  4. For the text field, in the Details pane, enter all the details including NameField ID and so on.
  5. In Details pane, use the toggle key to enable the Store Hashed property. 
  6. Enter Length as 30 as the field length of a Store Hashed property should be 30.
    The following image shows the Length and Store Hashed fields:
  7. Click Save.

After you enable the Store Hashed property, if you go to Edit Data of the text field, and click New, a field will be present on the UI of the application. This field will have the same name as the Name entered in the text field details screen. If you enter any text in this field, it will appear as dots or asterisks.

You can also use the Store Hashed property to validate the PIN value of the requester. 

For more information about validating PIN value, see Validating and verifying a PIN value.

Related topic

Creating or modifying regular record definitions

Was this page helpful? Yes No Submitting... Thank you
Last modified by Prachi Kalyani on Nov 01, 2023
encrypting mask field_mask store_hashed ba text_fields

Comments

Log in or register to comment.

Enabling record auditing
Filtering record definitions
© Copyright 2016 - 2024 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.