Note: By using the code examples, you agree to the terms of the Code license and disclaimer information.
Before reading this topic, you might want to review the information in the following topics:
Briana is writing an application that handles customer data and accounts receivable. Because of recent privacy legislation, she needs to store the customer data encrypted.
Briana will store customer data encrypted in a database file. Each record will represent a different customer. Each record includes a customer unique number which is used as the database key field, an initialization vector which is used in the encrypt/decrypt operations, the accounts receivable balance, and the encrypted customer data.
The following is Briana's DDS for the customer file, which she names CUSDTA.
|...+....1....+....2....+....3....+....4....+....5....+....6....+....7....+....8 A* CUSTOMER FILE A* A R CUSDTAREC TEXT('Customer record') A CUSNUM 8 0 TEXT('Customer number') A IV 16 TEXT('Initialization vector') A CCSID(65535) A ARBAL 10 2 TEXT('Accounts receivable balance') A CUSDTA 80 TEXT('Encrypted customer data') A CCSID(65535) A* 20 Name A* 20 Address A* 20 City A* 2 State A* 5 Zip Code A* 10 Phone number A* 3 Pad A K CUSNUM A*
Briana has several choices for an encryption key (which we will call the file key).
Briana carefully thinks through the requirements of her application and the security implications. Her decision is to use a key encrypted under a keystore key. She will store the encrypted file key in a separate file called CUSPI. Although the file key is encrypted, Briana is still careful to restrict authority to CUSPI.
In addition to the encrypted file key, Briana needs to store the last used customer number. Following is Briana's DDS for the customer processing information file, CUSPI.
|...+....1....+....2....+....3....+....4....+....5....+....6....+....7....+....8 A* CUSTOMER PROCESSING INFORMATION A* A R CUSPIREC TEXT('Customer processing info') A KEY 16 TEXT('Encryption key') A CCSID(65535) A LASTCUS 8 0 TEXT('Last customer number') A*
Briana's application includes a program to setup and intialize the files and keys, a program that writes customer data to the CUSDTA file, and a program that bills customers. These programs are described below. Code examples for these programs are also provided. The scenarios below contain many references to Cryptographic Services APIs. Note that in V6R1 all the key management functions can be accomplished not only through the Cryptographic Services APIs, but also through the Cryptographic Services set of CL commands, and through the Cryptographic Services Key Management function in IBM® Systems Director Navigator for IBM i.
The Setup_Cus program performs the following steps:
Here are example programs for Setup_Cus.
The Write_Cus program performs the following steps:
Here are example programs for Write_Cus.
The Bill_Cus program performs the following steps:
Here are example programs for Bill_Cus.
To backup file CUSDTA, you must backup files CUSPI and CUSKEYFILE as well. A perpetrator should not be able to use these files on another system because CUSDTAKEK is encrypted under a master key, and master keys should never be shared between systems. However, if the perpetrator has the ability to restore these files onto the orignal system and has access to the Decrypt Data API, he will be able to hack the customer data.
It is a good idea to periodically change the value of the master key. Whenever the master key is changed, CUSDTAKEK must be re-encrypted under the new master key value. You can do this with the Translate Keystore API. Remember to backup a keystore file whenever you re-encrypt the key values under a new master key.
[ Back to top | Cryptographic Services APIs | APIs by category ]