Skip to main contentSkip to search
Powered by Zoomin Software. For more details please contactZoomin
Progress DocumentationProgress Documentation
Progress Documentation
  • Home
  • Home
  • EnglishČeštinaDeutsch (Germany)Español (Spain)FrançaisItaliano (Italy)Português (Brasil)日本語Русский (Russia)中文 (简体) (China)中文 (繁體, 台灣) (Taiwan)ar-AR
  • Login

Learn about Security and Auditing

Security services

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
Print
Table of Contents
  • Overview
    • OpenEdge Core Business Services
      • Security services
        • Identity management
          • Authentication
          • Authorization
        • Connection and data security
          • Confidentiality
          • Integrity
          • Trust
        • Governance
      • Auditing
        • Run-time auditing
        • Audit trails
        • Common auditing approach
        • Audit policies
        • Audit security
        • Query and report audit data
        • Archive audit data
        • Enable or disable auditing
      • Transparent Data Encryption
      • Introduction to Dynamic Data Masking
        • Configure DDM
          • Database utilities for administering DDM
          • Dynamic data mask configurations
            • Default mask
            • Null mask
            • Literal mask
            • Partial mask
          • Authorization tags
        • Get started with DDM
  • Security
    • Security in OpenEdge
      • Application development
        • ABL applications
        • Open Client applications
      • Application deployment
        • Encoding prefix
        • Secure source code
        • Secure compiled OpenEdge code
        • WebClient applications
        • Application portability
      • Data management
        • OpenEdge levels of data security
        • Database security
        • DataServer security
      • Application feature authorization
        • ABL run-time procedure authorization
      • PAS for OpenEdge security features
        • Application security
        • Security for OpenEdge Web services
        • Consume external web services in ABL
        • Data privacy for client connections to PAS for OpenEdge
        • Firewall compatibility
      • Integration service security features
      • Application network security using TLS
      • Secure auditing
      • Core user authentication and authorization
        • Configure OpenEdge security domains in an OpenEdge RDBMS
        • Create user IDs in the OpenEdge RDBMS _User table
        • Authenticate and authorize a user ID
        • Assert a user ID validated using SSO
      • TLS Security
        • Change cryptographic protocol, ciphers, and certificates
          • TLS libraries supported in OpenEdge
          • Supported protocols, ciphers, and certificates for OpenEdge clients and servers
          • Change the default protocols and ciphers
            • Change the default protocols and ciphers for Progress OpenEdge clients
            • Change the default protocols and ciphers for Progress OpenEdge servers
      • Add Server Name Indication (SNI)
      • Secure the Tomcat Manager and OpenEdge Manager web applications
      • ESAM
        • Change the global policy
        • Change an installation-level policy
          • POLMAN
        • Troubleshoot ESAM issues
          • Installation issues
          • ESAM loads in anonymous mode unexpectedly
        • Synchronize ESAM-managed OpenEdge installations
          • Unregister an ESAM-managed OpenEdge installation
          • Register an ESAM-managed OpenEdge installation
        • Valid uses of anonymous mode
      • OpenSSL 3.5 in OpenEdge
    • Cryptography
      • Basic cryptography
        • Algorithms
        • Keys
        • Entropy
      • Symmetric (secret) key cryptography
        • Encryption/decryption algorithms
        • Encryption/decryption modes
        • Encryption/decryption key size
        • Combine algorithm, mode, and key size
        • OpenEdge usage
      • Password-based encryption (PBE)
        • PBE algorithms
        • OpenEdge usage
      • Asymmetric (public) key cryptography
        • Asymmetric keys
        • Public-key algorithms
        • OpenEdge usage
      • Message digests
        • Message digest algorithms
        • OpenEdge usage
      • Manage cryptographic data
        • Objectives
        • Requirements
        • OpenEdge solutions
    • Public Key Infrastructure (PKI)
      • Core security services in a PKI
        • Authentication
        • Confidentiality
        • Integrity
      • Cryptography in a PKI
        • Symmetric-key cryptography
        • Message digests and MACs
        • Public-key cryptography
        • Password-based encryption (PBE)
      • Trust relationships and supporting mechanisms
        • PKI trust model
        • Digital certificates and certificate store
          • Add a wildcard character to a public key certificate
          • Add Subject Alternative Name (SAN) to a digital certificate
        • Digital signatures
        • Client and server interactions
        • Key and certificate management
          • Server identity management
          • Client certificate management
          • Digital certificate life-cycle management
    • Transport Layer Security (TLS)
      • TLS standards support in OpenEdge
      • Support for trust
      • TLS interactions and the user
    • TLS in OpenEdge
      • OpenEdge TLS client and server components
      • Use TLS in OpenEdge
      • Manage TLS server identity
        • Establish TLS server identity
        • Use the default TLS server identity
        • Manage your own TLS server identity
      • Configure and run TLS sessions
        • Configure TLS server sessions
        • Configure TLS client sessions
        • Access an TLS server's X.500 Subject Name
    • FIPS mode
      • Identify requirements
      • Limitations
      • Restrictions
      • Check FIPS mode
      • Use FIPS mode
        • Before enabling FIPS mode
          • Prepare databases
          • Stop OpenEdge DataServer for Microsoft SQL Server
          • Prepare PAS for OpenEdge instances
          • Prepare applications
            • Update ABL cryptography code to use FIPS mode
            • FIPS support with Java Open Client in OpenEdge applications
        • Change FIPS mode
        • After enabling FIPS mode
      • Troubleshoot issues
  • Auditing
    • Auditing in OpenEdge
      • OpenEdge auditing
        • What you can audit
          • Audit database events
          • Audit internal system events
          • Audit application events
      • Evaluate your auditing requirements
        • Application developer decisions
        • End user responsibilities
      • OpenEdge auditing recommendations
      • Audit data storage management
    • Secure audit data
      • Overview
        • Assert user identity
        • Add security through separation of duty
      • Manage audit privileges
        • Inherit audit privileges: the security administrator
        • Assign audit security privileges
        • Create a primary and a secondary audit administrator
        • Grant audit privileges
          • Grant audit privileges in ABL
          • Grant audit privileges in SQL
        • Revoke audit privileges
      • Audit data archival security
        • Authenticate archival of audit data
      • Audit security for database clients, tools, and utilities
      • Audit security for OpenEdge databases
      • Audit policy security
        • Seal audit data
        • Resolve audit policy conflicts
        • Export audit policy configuration as an XML file
      • Choose additional audit options
      • Configure additional user authentication systems and domains
      • Control the user ID and the login sessions in audit data records
      • Long-term storage of audit data
        • Archive audit data
      • Assign a unique ID to a database
    • Configure OpenEdge auditing
      • Tasks to configure auditing
        • Enable an OpenEdge database for auditing
        • Connect to the database and assign audit-related privileges
        • Create audit policies using Audit Policy Maintenance
      • Set up OpenEdge auditing context
        • Audit context levels
          • Database transaction context
          • Audit-event group
          • Application context
          • User login session context
        • Record auditing context information
        • How auditing context is referenced by audit event records
        • Add auditing context to the application
      • Manage auditing context
      • Migrate an existing application to use auditing
    • Develop an OpenEdge application enabled for auditing
      • Develop an application enabled for auditing
        • Enable an OpenEdge database for auditing
        • Define application audit events
      • Enable your OpenEdge application for auditing
        • Implement additional auditing options
          • Supply OpenEdge application context information
          • Support user accounts outside of the _User table
          • Use a dedicated OpenEdge database for auditing
          • Set up READ auditing
          • Use a custom audit data and policy archive tool
          • Bootstrap the audit administrator user
          • Create audit policy and report templates
          • Support custom audit policy tools
        • Update an existing ABL application with auditing
        • Enable your SQL application for auditing
    • Deploy an OpenEdge application enabled for auditing
      • Overview
        • Develop the company's audit policy
          • Configure long-term audit data storage
          • Not all databases are enabled for auditing
      • Configure auditing at the production site
        • Set up audit administration
        • Load audit event definitions
        • Load predefined audit policies
        • Set up audit data access
      • Apply audit policy for production systems
      • Write custom audit reports
      • Prepare to deploy your application enabled for auditing
      • Upgrade an existing application to use auditing
    • Maintain audit data
      • Common audit data maintenance tasks
        • Back up and restore a database enabled for auditing
        • Archive and load audit tables
        • Copy a database enabled for auditing
        • Recover audit data
        • Modify the indexes generated for OpenEdge audit tables
        • Modify the audit table storage area
        • Disable auditing
        • Handle long-term storage growth
        • Return audit data from offline storage
        • Ensure audit data integrity
      • Optimize auditing performance
      • Run-time audit maintenance
        • Monitor the health of your databases
        • Query audit data
    • Query and Report Audit Data
      • Audit data schema overview
      • Audit data querying and reporting
        • Report committed data only
        • Internationalization considerations
        • Report on a central archive database
        • Report on a single database with multiple GUIDs
        • Report from multiple audit databases
        • Deactivated audit indexes
        • Report event descriptions
        • Optional client session information
        • Audit data event context
        • Audit data application context
        • Logically group related audit data in an audit event group
        • Group audit data by transaction ID
        • Group audit data by database connection
        • Report additional audit event details
        • Report by audit date and time
        • Report by user ID
        • Report modified field old/new values
        • Identify database events
        • Internal audit event policies
        • Efficient index use
        • Query guidelines
      • Report on audit data with prefiltered and custom reports
      • Generate a custom filtered report
  • Transparent Data Encryption
    • Transparent Data Encryption in OpenEdge RDBMS
      • Define the problem space
        • Provide data privacy
      • Define Transparent Data Encryption
      • Data security
        • Data storage
        • Encrypted data configuration
        • Encryption key
      • Before you start
      • What is encryptable
        • Data considerations
      • Transparent Data Encryption feature summary
      • Enable encryption
        • Add an encryption area
        • Execute the ENABLEENCRYPTION command
    • OpenEdge Keystore
      • General keystore basics
      • OpenEdge keystore
      • Configure keystore access
        • Manual start
        • Autostart
      • Keystore maintenance
        • Backups
        • Modify passphrases
        • Rebind
        • Keystore reconstruct
    • Configure Transparent Data Encryption policies
      • Create encryption policies
        • Create encryption policies with PROUTIL EPOLICY
        • Create encryption policies with the Data Administration tool
      • Encrypt your existing data
        • EPOLICY MANAGE UPDATE example
        • Encryption of new data
      • Maintain transparent data encryption
        • Rekey encryption policies with the Data Administration tool
        • Rekey an encryption policy with PROUTIL EPOLICY
        • Change the cipher of an encryption policy with PROUTIL EPOLICY
        • View encryption policy history in the Data Administration tool
      • OpenEdge SQL support for transparent data encryption
        • Use the CREATE TABLE statement
        • Add an encrypted column
        • Use the CREATE INDEX statement
        • Use the ALTER TABLE statement
        • View encryption policy with the SHOW ENCRYPT statement
        • Delete encrypted objects with OpenEdge SQL
      • Disable encryption
  • Audit data tables
    • Audit data table schema
  • Preconfigured audit policies
    • Use preconfigured OpenEdge audit policies
Table of Contents

Security services

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
Print
  • Last Updated: February 11, 2026
  • 1 minute read
    • OpenEdge
    • Version 13.0
    • Documentation

Security services consist of several core services that support the following basic security functions:

  • Identity management
  • Connection and data security

The following sections describe these basic security functions and how they are supported in OpenEdge. For more information on particular OpenEdge components and the specific security features that they support, see Security in OpenEdge.

Contents
  • Identity management
  • Connection and data security
  • Governance
TitleResults for “How to create a CRG?”Also Available inAlert