Like Determinations Server, Web Determinations is a web application and any unsecured communication between a user and Web Determinations is vulnerable to interception. Web Determinations can also be deployed to use HTTPS, which will make the communication between the user and the web application, secure. As with the Determination Server, you should consult the documentation for the application server on which you intend to deploy Web Determinations.
Finally, in order to communicate with CRM On Demand, Web Determinations needs a username and password to pass on to the Web Services. These are stored in the crmod-data-adapter.properties properties file inside the Web Determinations. An encrypter tool is provided for both Java and .NET so that you can ensure that the username and password are not stored in plain text. It is strongly recommended that you use the encrypter before deploying Web Determinations.
Secure a Web Determinations deployment in the Oracle Policy Automation Developer Help