Release 10.1A: OpenEdge Getting Started:
Core Business Services

Confidentiality

Confidentiality (also referred to as data privacy) assures that data communicated between any two or more entities can only be read by the entities for whom the data is intended. In order for data privacy to work effectively, each party in the communication must have a means to write and read the data that is readily available to the intended parties, but is not available at all to unintended parties; and it must work with intended parties who do not necessarily know about each other before hand. In addition, the time between the writing and the reading of the confidential data must be acceptable to both parties.

Confidentiality is primarily a concern over a network where client and server components of a distributed application are exchanging data. The mechanisms used to ensure data privacy rely largely on various forms of cryptography. Cryptography is a means to encode data so that only components that share an otherwise secret means to decode the encoded data can read it.

The cryptographic mechanisms used to ensure data privacy are generally chosen to balance security with performance. OpenEdge supports a variety of cryptographic mechanisms in the Progress 4GL for application development and in the infrastructure to connect the distributed components of a deployed Internet or intranet application. For more information on:

OpenEdge support for cryptography — See Chapter 3, " Cryptography."
OpenEdge support for data privacy in a distributed application — See Chapter 5, " Public-Key Infrastructure (PKI)."