Splat Apr 13, 2012   10:37 PM GMT

Is it the file that needs to be encrypted or is it the communication that needs to be secured?

12,915 pointsBadges:

TomLiotta Apr 14, 2012   0:13 AM GMT

You can use the QC3ENCDT API to encrypt data. Whether it's appropriate to "encrypt a database file" is a different kind of question, though. Data stored in a database file can be meaningful to encrypt -- it may be necessary to store encrypted data in spaces larger than the unencrypted data which can mean using variable-length fields. Splat's question is appropriate. Exactly what needs to be encrypted? Is this going to be restored/decrypted in another AS/400 with similar capabilities? Or is this only for secure off-site storage? Tom

125,585 pointsBadges:

Jeffm Apr 16, 2012   4:10 PM GMT

We have third party software that produces a file that is currently uploaded to a bank via their web page. The concern from the auditors is that the file may be manipulated by one of our users. Since a set of users needs to have permissions to update it (Ap Department) and another set needs read permission to be able to upload it to the bank. They want us to automate the process utilizing ftp instead of the web page. They also want the data encrypted as it resides on our system after it is created.

135 pointsBadges:

Splat Apr 16, 2012   5:39 PM GMT

FTP to your bank can be secured either through SSL or SFTP (BTW, I suspect the bank's web page is secure (https). As for limiting and/or controlling access, encryption is a cumbersome process. You would be better served - and, I believe, your auditor's goals achieved - by securing the file object, either through explicit grants of authority to a user or through an authorisation list.

12,915 pointsBadges:

Jeffm Apr 16, 2012   5:50 PM GMT

Thanks Splat. Thats the road I am going down. If I can secure the file so that the users jobs won't blow up with not enough authority but also not allowing them to change the data once it has been written. Then secure FTP it. Our users want to get away from uploading via banks web site as it takes their interaction. I can automate secure FTP. Thanks again Jeff

135 pointsBadges:

Jeffm Apr 18, 2012   3:07 PM GMT

Is SFTP cababilities on the iSeries something that has to be purchased and licensed from IBM or is it just available? Our iSeries os is V6R1. Thanks Jeff

135 pointsBadges:

TomLiotta Apr 18, 2012   7:36 PM GMT

Is SFTP cababilities on the iSeries something that has to be purchased and licensed from IBM or is it just available? The sftp utility is part of the 5733SC1-IBM Portable Utilities product. The product should be on your install media (if it's not already installed on your system.) It's no-charge. Tom

125,585 pointsBadges:

PerTore Nov 29, 2017   8:22 AM GMT

I'm quite late on this one but do any of you know how to set secure envelope on a file, bank file. Nordea (Bank) also require SFTP communication but first the file must be encrypted with their digital certificate and the answer must be decrypted. If we need any third party software please let me know if you can advise me on which.

15 pointsBadges:

Splat Nov 29, 2017   4:48 PM GMT

If I understand the underlying processes, sFTP effectively encrypts the data being transmitted using keys (public / private).

12,915 pointsBadges: