Encrypt/tokenize CMOD Data on the fly.Possible?

Previous topic - Next topic
Print
Go Down Pages1
User actions

Pk2016

September 19, 2016, 02:57:55 PM
Hello Experts, im not sure if this is possible but  Is there an option to encrypt/tokenize  CMOD  data on the fly.

There is this front end application(a different team) in our project housed in Cloud(a S3 bucket ) and want to connect to ondemand  to retrieve the docs(not sure how the latency  for the retrieval is going to be ). Apparently there is no encryption that is done in CMOD  while archiving.Now for the front end application to pull the docs, it has to be encrypted/tokenized due to PCI compliance  and only approach seems to be to do it on the fly.  Your thoughts ?


Justin Derrick

#1
September 19, 2016, 07:44:57 PM
CMOD supports SSL.  Even the utilities are are SSL-aware.  You can query and do retrievals encrypted, but you likely won't be able to obsure / redact / tokenize without a LOT of work writing an output/preview exit.

-JD.
Call:  +1-866-533-7742  or  eMail:  jd@justinderrick.com
IBM CMOD Wiki:  https://CMOD.wiki/
FREE IBM CMOD Webinars:  https://CMOD.Training/
IBM CMOD Professional Services: https://CMOD.cloud

Interests: #AIX #Linux #Multiplatforms #DB2 #TSM #SP #Performance #Security #Audits #Customizing #Availability #HA #DR

ewirtz

#2
September 20, 2016, 07:48:23 AM
Hi PK2016,

it is possible but of course only with exit programming. please look for the PCI discussion in this forum.

regards

Egon

Alessandro Perucchi

#3
September 21, 2016, 10:52:14 PM
Another way, would be to have like a multi tier setup:

CMOD -> WebService (which get the document from CMOD and encrypt it) -> Send the encrypted document to the S3 Project team

That way, you can have a simple ODWEK interface on you side, and give the data in the way you want to the other party.
And they don't need to know CMOD, you just encapsulate everything in your API.
That way, you can use bulk retrieve or single retrieve.

The problem with the exit, is that you cannot do bulk retrieve, and this could be really tricky, but not impossible, since people already did that.
Alessandro Perucchi

#Install #Migrations #Conversion #Educate #Repair #Upgrade #Migrate #Enhance #Optimize #AIX #Linux #Multiplatforms #DB2 #Windows #Oracle #TSM #Tivoli #Performance #Audits #Customizing #Availability #HA #DR #JavaApi #ContentNavigator #ICN #WEBi #ODWEK #Services #PDF #AFP #XML

ewirtz

#4
September 22, 2016, 05:35:47 AM
Hi Alessandro,
you are right this is possible. Just an additional information. Only the credit card numbers must be stored encrypted. It depends of the requirements whether it helps to use the CMOD frontend. Depending on your rights you could see no document, a tokenized document or a document with unencrypted card numbers. This could be realized with the preview exit (using ICSF or open SSL depending on the platform).

regards
Egon

Pk2016

#5
September 29, 2016, 06:26:11 PM
thank you everyone . Ill take the inputs back to our team . At present i do not have experience on User exists . Will have to analyse what it is about. Thanks you again for your time and valuable inputs.

Print
Go Up Pages1
User actions
SMF 2.1.4 © 2023, Simple Machines
ProCurve Theme Made By : TwitchisMental