Show TOC Start of Content Area

Procedure documentation Setting Up Secure Storage  Locate the document in its SAP Library structure

Use

When using DB2e as persistence, you can make use of encrypted DB2e installation files. This requires the use of a password to connect to the database instance.

Normally MI uses a default password and the encoded format of this password is stored internally. However the users can specify their own password and then the encoded format of this password is stored in the MobileEngine.config file.

In order to further protect this encoded password from the eyes of unauthorized users, Secure Storage functionality can be used. Secure Storage is a mechanism of storing the encrypted database password in a more secure manner, and the database password is removed from the MobileEngine.config file which anyone can access.

When the database password is securely stored as encrypted data, it is only accessible after authentication:

      If the user logs on with the local password, he or she has access to the stored, encrypted password.

      If the user authenticates him- or herself by means of Single Sign-On, the server supplies the password to access the stored, encrypted password.

Caution

Note that you can only use the Strong Encryption in countries where this is allowed.

Prerequisites

      You have downloaded the Secure Storage toolkit from note 1014307.

      Only one user has been created on the device before enabling secure storage.

Procedure

To enable secure storage, use the Mobile Administrator to convert and deploy the toolkit, see Deployment of Mobile Components.

Alternatively, you can also enable secure storage manually:

...

       1.      Add the following parameters to the file MobileEngine.config:

MobileEngine.Security.Persist.SecureStorage = true

MobileEngine.Security.Implementation.Provider = iaik.security.provider.IAIK

Use one of the methods to do this that are referred to in Parameters in MobileEngine.config.

       2.      Copy the iaik_jce.jar file for encryption into the <jdk installation directory>\jre\lib\ext directory.

See also:

For information on other parameters and the different configuration methods: Parameters in MobileEngine.config

End of Content Area