I want to start the coverage of the new features in 1.3 with the security theme. These features come to complete the existing Security Considerations for Rational Publishing Engine.
This is a discussion on the tools exposed by RPE to help users build or integrate RPE in a secure document generation flow and not a discussion on the security of RPE itself as that is a constant activity. The RPE development team and dedicated security teams constantly test and review RPE’s security using IBM Security AppScan, threat modelling, penetration testing etc.
The first thing to mention is the upgrade of the JRE shiped with RPE from Java 6 to Java 7 (SR7 FP1).
Command execution is disabled in 1.3
In RPE 1.3 the execution of commands is disabled by default. This includes pre/post commands as well as the commands that can be associated to data sources and include files. To enable command execution, you must set the com.ibm.rational.rpe.enable_commands property to true.
Digitally signed templates
We’ve added tools that allow setting-up a tightly controlled document generation process.
RPE Document Studio can digitally sign document templates while RPE Launcher verifies the templates for signatures. These two features enable the strict document generation mode in which RPE will generate documents only if all the templates in the document specification are digitally signed and the signature can be verified. This not only improves the security but also improves the correctness of the document generation process as you cannot run templates that are accidentally modified.
Digitally signed and password protected output documents
We’ve added features that target the output of the document generation process as well. You can now digitally sign and/or password protect the Word and PDF documents. Digitally signing a document ensures that no further changes can occur (undetected) after the document was produced. Password protecting a document extends the security of the data source to the output document.