Security (V5.2.3 or later)
Sterling B2B Integrator uses a variety of security mechanisms, including system passwords for administrative functions, password policies based on your company's security policies, and role-based security to provide different levels of access to different users within the organization.
The following security features are provided with Sterling B2B Integrator:
- Role-based security provides users access to files, business processes, Web templates, services, and product features, according to the permissions associated with the user account.
- Password policies are sets of security decisions that you make and apply to different user accounts according to security policies in your company. These choices include such items as the number of days a password is valid and the maximum and minimum length of a password.
- LDAP authentication can be used to delegate authentication of an external user account to an LDAP directory and to provide authentication using the same security information used for other applications in your company. If your company has already adopted LDAP, you can use your existing LDAP directories with the application.
- System Installation passphrase - During installation, you create a system passphrase for your Sterling B2B Integrator installation. The passphrase is a highly complex string longer than 16 characters. The system passphrase is required to start the system and to access protected system information.
- Support for x.509 certificates for encryption, signing, and transport layer security.
- Federal Information Processing Standards (FIPS) 140-2 certified software module and support for FIPS 140-2 certified hardware from nCipher and Safenet.
- Secure Socket Layering (SSL) and Transport Layer Security (TLS).
Additionally, the following security features can be configured:
- Security time out feature provides you with the ability to configure user sessions time outs.
- Custom Password Policy feature allows you to add additional password policy rules. These additional password rules can help you prevent the use of weak, easily hacked passwords and reject non-compliant passwords.
- Single Sign On (SSO) feature is an authentication process that enables users to access several applications and only have to enter one user name and password.
- Document Encryption feature allows for the configuration of an additional layer of security beyond traditional file and database permissions.