Document Encryption

Document encryption is a feature provided with Sterling B2B Integrator that allows for the configuration of an additional layer of security beyond the traditional file and database permissions.

If you have integrated Sterling File Gateway with Sterling B2B Integrator, it uses the same document encryption feature for protecting data at rest. Sterling File Gateway is an application for securely transferring files between partners using different protocols, file naming conventions, and file formats.

The document encryption feature is intended to protect data at rest from snooping. The feature allows you to encrypt the payload data stored in the database and/or the file system. It is also designed to prevent someone outside the system from viewing the payload data by directly accessing the database or file system.

Important aspects of document encryption:
  • The default configuration at installation is no encryption. If you want to have your documents encrypted, you will need to turn on this feature.
  • You can turn this feature on at any time, but only documents received after encryption is turned on are encrypted.
  • Once you turn on this feature, encryption is for all payloads across the entire system.
  • Only the document payload data is encrypted, not the metadata.
  • The same encryption key is used to encrypt and decrypt.
  • The system uses a predefined certificate (doccrypto) to encrypt documents. You can create a different system certificate. If you do, you must update the value of CERT_NAME in the customer_overrides.properties file.

Enabling encryption affects performance, but the impact differs for each customer. It depends on the hardware, the number and size of documents being processed, and how much of a given server's processing time is spent on document persistence and retrieval compared with other activities.