Skip to main content


         This documentation site is for previous versions. Visit our new documentation site for current releases.      
 

This content has been archived and is no longer being updated.

Links may not function; however, this content may be relevant to outdated versions of the product.

Encrypting Properties and BLOBs

Updated on September 10, 2021

Transcript

PRPC 5.3 enhances the security of your work data with the addition of two new features:

  1. The ability to encrypt the entire PRPC work object stream (a.k.a. the blob)
  2. The ability to encrypt individual properties.

In both cases you must provide your own cipher algorithm. Out of the box, PRPC contains a sample algorithm but it is NOT meant for production use. The class com.pega.pegarules.crypto.PRCipherSampleBF can be used for testing this functionality, but you must create an appropriate cipher for production use. Instructions on building a cipher can be found under the help topic Working with the PegaRULES Database — How to Encrypt the Storage Streams of Selected Classes.

To set up PRPC for encryption, you must update the prconfig.xml on each node. After updating, you must restart your PRPC application.

Encrypting the Blob

To set the encryption for the entire work object stream, click the “Encrypt BLOB” checkbox on the Rule-Obj-Class definition of the work object you wish to encrypt.

Note: Once instances of this class exist, you are unable to change this value. An encrypted Blob shows the entire blob decrypted on the clipboard.

Encrypting Properties

To set an individual property as encrypted, set the property’s type to TextEncrypted and the HTML property to ShowTextEncryptedPropertyValue. You must also create a rule access When to determine when the value can be shown in clear text. This is useful in allowing certain users to see the value in clear text while masking the value for other users.

Encrypted properties are displayed as asterisks and the values are encrypted directly on the clipboard. As mentioned previously, an encrypted Blob shows the entire blob decrypted on the clipboard.

Some additional notes on encryption:

  • When using properties of type TextEncrypted in comparisons, you must call the encryptPropertyValue utility function
  • To work with encrypted values in the criteria section of a report, such as a list view or a summary view, you must specify the EncryptTextPropertyValue edit input rule for your comparisons to work properly
  • Remember, encryption and decryption take time. Be sure to check your PAL report for specifics on the cost of encryption to performance.

Tags

Pega Platform 7.1.1 - 8.3.1 System Architect Lead System Architect Business Architect Experience Designer Pega Delivery Leader System/Cloud Ops Administrator Low-Code App Development Financial Services Healthcare and Life Sciences Insurance Communications and Media Government Healthcare and Life Sciences Consumer Services

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Visit the Support Center

Did you find this content helpful?

Yes
No

Want to help us improve this content?
Suggest an edit

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us