Adding Encrypted Properties to a Profile Definition

Commerce Server 2002 provides encryption features that allow you to secure data with encryption tools offering the highest level of security. There are two types of encryption supported by Commerce Server 2002: Asymmetric Encryption (AE), and One-Way Hashing. Commerce Server 2002 does not support symmetric encryption.

The following procedures are to add new profile properties that can be encrypted.

Caution

• Do not mark properties with preexisting data as encryptable. Otherwise, the preexisting data will be lost.

To add a new property for key index

To add profile level custom attribute

To add encrypted properties to a profile

To add a new property for key index

It is recommended to create a new property under the Profiling system property group.

1. Open Commerce Server Manager.
2. Expand Commerce Server Manager, expand Global Resources, expand Profile Catalog, expand Profile Definitions, and then click User Object.
3. In the right pane, click Profile System in the Properties list.
4. Click Add.
5. In the Add-Web Page dialog box, select Add a new property.
6. Click OK.
7. In the Attributes section, type the following:

   Use this	To do this
   Name	Type of name (for example, KeyIndex).
   Display Name	Type the name to be displayed (for example, KeyIndex).
   Description	Optional.
   Type	Select Number.
   Type Reference	N/A

8. Click AdvancedAttributes, and type the following:

   Use this	To do this
   Active	Clear Yes.
   Map to Data	Click the ellipsis button [...] to map this property to a data member of type Number.

9. Click Apply, and then click Save.

To add profile level custom attribute

1. Right-click your profile (for example, User Object) and select Properties.
2. Click the Custom Attributes tab.
3. Click New.
4. In the Custom Attribute dialog box, type the following:

   Use this	To do this
   Name	Type KeyIndex.
   Display Name	Type the name to be displayed (for example, KeyIndex).
   Description	Type the description of the KeyIndex custom attribute.
   Value	Type Key Index. This should be the same property name as the profile created in the earlier step, To add a new property for the key index.

5. Click OK in the Custom Attribute dialog box.
6. Click Apply in the User Object Properties dialog box, and then click OK.

To add encrypted properties to a profile

1. Click Add in the right pane.

2. In the Add-Web PageDialog box, select Add a new property.

3. Click OK.

4. In the Attributes section, type the following:

   Use this	To do this
   Name	Type of property name.
   Display Name	Type name to be displayed.
   Description	Type the description of KeyIndex custom attribute.
   Type	Select Password or String.

5. In the Advanced Attributes section, type the following:

   Use this	To do this
   Map to data	Click the ellipsis button [...] to map the property to a data member.
   Key type	Select as blank. Key type cannot be a UniqueKey, JoinKey, PrimaryKey, DualKey, or HashingKey.
   Encrypted	Select one of the encrypted types from the drop-down list (No Encryption, One Way Hash, or Asymmetric Encryption).
   Exported	Clear the Yes check box.
   Multi-valued	Optional.
   Searchable	Clear the Yes check box.
   Hashing Key	Clear the Yes check box.

   Note

   • In the Custom Attributes section, encrypted properties cannot be marked as displaycolumn or friendlyname (for use in the profile editors only).
   • You cannot create a custom attribute at the property level with a name of EncryptionType (case-insensitive).

6. Click Apply, and then click Save.

For more information, see Managing Encrypted Profile Properties.

Copyright © 2005 Microsoft Corporation.
All rights reserved.