Smart Instrumentation Encryption Mechanism - Intergraph Smart Instrumentation - 13.1 - Administration & Configuration

Smart Instrumentation Encryption Mechanism - Intergraph Smart Instrumentation - 13.1 - Administration & Configuration - Hexagon

Intergraph Smart Instrumentation Administration

Language

English

Product

Intergraph Smart Instrumentation

Search by Category

Administration & Configuration

Smart Instrumentation Version

13.1

Encryption Levels

There are four levels in the encryption mechanism of Smart Instrumentation:

Security schema password encryption.
Admin schema user password and Admin schema user logon name encryption (applicable for Oracle and SQL Server databases only).
Domain schema password encryption.
Smart Instrumentation user password encryption.

Logon Process

The logon process in Smart Instrumentation operates at the following levels:

The intools.ini file — holds the security schema password that provides access to the intools_login schema.
The intools_login schema — holds the INTOOLS_user table, which holds the Admin schema user password and logon name.
The Admin schema — holds the PROJECT table, which in turn holds the names of the existing domains and all the passwords of Smart Instrumentation users.

Encryption Functionality per Database Platform

The following tables show the availability of the encryption functionality according to database platform.

Oracle:

Schema	Password Change	Encryption
Security Schema	Yes	The encrypted password is saved in the intools.ini file. This file must be distributed to all client machines.
Admin Schema	Yes	The encrypted password and user name are saved in the INTOOLS_user table. The password and user name are deleted from the intools.ini file.
Domain Schema	Yes	Encrypts all passwords in the following tables: project, engineering_project, sap_project. These are all the domain passwords.
Smart Instrumentation Users	Yes	Encrypts all passwords in INTOOLS_user table (the table that holds all the SI usernames & their passwords).

SQL Server:

Schema	Password Change	Encryption
Security Schema	Yes	The encrypted password is saved in the intools.ini file. This file must be distributed to all client machines. Note that this password is same for all the databases in an instance that is hosted on a given server.
Admin Schema	Yes	The encrypted password and user name are saved in the INTOOLS_user table. The password and user name are deleted from the intools.ini file.
Domain Schema	Yes	Encrypts all passwords in the following tables: project, engineering_project, sap_project. These are all the domain passwords.
Smart Instrumentation Users	Yes	Encrypts all passwords in INTOOLS_user table (the table that holds all the SI usernames & their passwords).

Encryption Results

Security Schema:

Unencrypted	Encrypted
In the intools.ini file: SecuritySchemaPassword=intools_login	In the intools.ini file: SecuritySchemaPassword=#2f###RG##T

Admin Schema:

Unencrypted

Encrypted

In the intools.ini file:

The LogId, LogPass, and Dbparm parameters display these values. The intools.ini file is accessible by all users.

In the intools.ini file, the LogId, LogPass, and Dbparm parameters no not display any values.

The LogId and LogPass values are encrypted in the INTOOLS_user table.

Domain Schema:

All the Domain schema passwords are encrypted in the PROJECT, ENGINEERING_PROJECT, and SAP_PROJECT tables.
All the user passwords are encrypted in the INTOOLS_USER table. Consequently, none of the passwords are visible to employees with database access rights.

Smart Instrumentation User Passwords:

All the user passwords are encrypted in the INTOOLS_USER table. Consequently, none of the passwords are visible to employees with database access rights.