Confidentiality

The confidentiality service protects sensitive information from unauthorized disclosure. When sensitive data is stored locally, access control mechanisms can be sufficient to protect it on the assumption that the data cannot be read if it cannot be accessed. If a greater level of security is required, the data can be encrypted. Sensitive data should be encrypted when it is transmitted over a communications network, especially over an insecure network such as the Internet. In a networking environment, access control mechanisms alone are not effective against attempts to intercept the data, such as wiretapping.

Confidentiality is used to protect access to sensitive resources within Rhapsody under the following circumstances:

• During secure communications between Rhapsody and external systems. This is achieved through encryption of data which is transmitted over the network.
• To protect data persisted by Rhapsody to its data store from unauthorized users. This is primarily achieved through access controls.

For details on confidentiality services that can be implemented in a Rhapsody environment, refer to:

• Access Control in Rhapsody.
• TLS/SSL Support in Rhapsody.