All Posts

Trusted Content Services (TCS)

S

By Suhas Das

Author

50 views

In OpenText Documentum, Trusted Content Services (TCS) is an advanced security feature set that enhances data protection, compliance, and content integrity within the repository.

TCS is available as a licensed extension and provides additional controls beyond standard Documentum security.

Key Features of Trusted Content Services

TCS introduces several high-security capabilities:

1. Encrypted File Store Storage Areas

  • Ensures content files are encrypted at rest
  • Prevents unauthorized access from the operating system level
  • Encryption and decryption occur automatically

Key details:

  • Each file store has its own encryption key
  • Key is stored in the crypto_key property of the dm_filestore object
  • Encryption happens when content is saved
  • Decryption happens when content is retrieved

Algorithms:

  • Triple DES (192-bit)
  • AES (128, 192, or 256-bit supported)

👉 Note: Encryption must be enabled at creation time and cannot be changed later.

2. Digital Shredding

Digital shredding ensures that deleted content is permanently destroyed and cannot be recovered.

How it works:

  • When content is deleted:
    • It is removed from the repository
    • The file is overwritten multiple times

Compliance:

  • Uses DOD 5220.22-M standard
  • Overwrites data with:
    • A character
    • Its complement
    • A random value

Limitations:

  • Supported only for standalone file stores
  • Not supported for:
    • Distributed storage areas
    • Blob, turbo, or external storage

👉 Ensures maximum data security and compliance.

3. Strong Electronic Signatures

TCS enhances electronic signature capabilities using:

  • IDfSysObject.addESignature method

Features:

  • Creates a formal signature page
  • Adds it as:
    • Primary content or
    • A rendition
  • Verifies previous signatures before adding new ones
  • Stores signature events in audit logs

👉 Useful for:

  • Approval workflows
  • Regulatory compliance
  • Legal documentation

4. ACL Integration

TCS works alongside Access Control Lists (ACLs) to:

  • Enforce strict access control
  • Ensure only authorized users can interact with sensitive content

Additional Notes on Encrypted File Stores

  • Can be standalone or part of distributed stores
  • Distributed stores may contain a mix of:
    • Encrypted components
    • Unencrypted components
  • Full-text indexing:
    • Supported for encrypted content
    • But indexes themselves are not encrypted

Benefits of TCS

  • Enhanced security → Encryption + shredding
  • Regulatory compliance → Audit + signatures
  • Data protection → Prevent unauthorized access
  • Content integrity → Verified signatures

Conclusion

Trusted Content Services (TCS) strengthens Documentum by adding enterprise-grade security features, including encryption, secure deletion, and strong authentication mechanisms.

These capabilities make Documentum suitable for high-security environments such as finance, healthcare, and government systems.

0 Comments

Leave a Comment

Your email will not be published. Comments are subject to moderation.