Dear all,

I have a question that originally comes from a customer. Is there any IBM Engineering Requirements Management DOORS (Classic) database encryption feature available in the latest versions? I have seen this support note that states there's no such thing but I was hoping the newest versions would have added it.

Help pages do have information about secure communications but storage seems to be lacking encryption.

Does anybody know if this feature is on the 9.7.x roadmap (fingers crossed) or any other method/3rd party extension that could be used?

Thanks and kind regards,
Oskar

------------------------------
Oskar Berreteaga
SW V&V Manager
ULMA Embedded Solutions
Oñati
34943250300
------------------------------

#EngineeringRequirementsManagement
#Sustainability

Hi Oskar,

As you mentioned, you can configure IBM® Engineering Requirements Management DOORS® (DOORS) to use encrypted communication between the DOORS clients and the database server.
And, you can configure IBM® Engineering Requirements Management DOORS® - Web Access (DWA) to comply with standards that are specified by the US Department of Commerce National Institute of Standards and Technology (NIST) and National Security Agency (NSA) to define security requirements for encryption. 
Please see the following page for detailed information:
https://www.ibm.com/support/knowledgecenter/SSYQBZ_9.7.0/com.ibm.doors.configuring.doc/topics/c_configuringrserversidesecurity.html

Regarding the encryption of DOORS data at rest, you can certainly take advantage of file system encryption methods that most modern Operating Systems provide.
For example, you can encrypt a specific directory in a regular filesystem when using Red Hat Linux, see: https://access.redhat.com/articles/4779391

Kind Regards,
Christophe Telep
Offering Manager, IBM Engineering



------------------------------
Christophe Telep
Product Manager
IBM
Toulouse
603200371
------------------------------

Hi Christophe,

Thank you for your reply.

Kind regards,
Oskar

------------------------------
Oskar Berreteaga
Systems Engineering and Software Manager
ULMA Embedded Solutions
Oñati
34943250300
------------------------------

Original Message:
Sent: Mon February 08, 2021 05:52 AM
From: Christophe Telep
Subject: DOORS Classic database encryption?

Hi Oskar,

As you mentioned, you can configure IBM® Engineering Requirements Management DOORS® (DOORS) to use encrypted communication between the DOORS clients and the database server.
And, you can configure IBM® Engineering Requirements Management DOORS® - Web Access (DWA) to comply with standards that are specified by the US Department of Commerce National Institute of Standards and Technology (NIST) and National Security Agency (NSA) to define security requirements for encryption. 
Please see the following page for detailed information:
https://www.ibm.com/support/knowledgecenter/SSYQBZ_9.7.0/com.ibm.doors.configuring.doc/topics/c_configuringrserversidesecurity.html

Regarding the encryption of DOORS data at rest, you can certainly take advantage of file system encryption methods that most modern Operating Systems provide.
For example, you can encrypt a specific directory in a regular filesystem when using Red Hat Linux, see: https://access.redhat.com/articles/4779391

Kind Regards,
Christophe Telep
Offering Manager, IBM Engineering



------------------------------
Christophe Telep
Product Manager
IBM
Toulouse
603200371
------------------------------