Pat Townsend Launches Stand-Alone AES/400 Encryption Solution
November 30, 2004 Alex Woodie
Patrick Townsend & Associates is now shipping Alliance AES/400, a data security utility that provides an OS/400 implementation of the 256-bit Advanced Encryption Standard (AES) algorithm. Previously provided as an optional component of Pat Townsend’s FTP Manager product, AES/400 has been broken out as a stand-alone utility to give OS/400 shops an easy way to encrypt their sensitive DB2/400 and IFS fields and files, and to share encrypted files with Windows clients.
If you’ve heard it once, you’ve heard it a thousand times: the OS/400 server, out of the box, is one of the most computer secure platforms in use. However, good security practices (and, increasingly, state and federal regulations) require that you take certain additional steps to protect your, as well as your customers’, valuable data from those inevitable prying eyes. Credit card numbers, PIN codes, and Social Security numbers are just some of the types of data that businesses of every size should protect with the utmost of fiduciary zeal.
Short of locking your OS/400 servers and media in a vault and throwing away the key, one of the best ways you can protect your sensitive data is by encrypting it with one of the accepted standards in use today. Pat Townsend, the OS/400 software developer out of Olympia, Washington, has been doing some work this year with the new AES algorithm sanctioned by the U.S. government.
Alliance AES/400 can be used as a stand-alone utility for encrypting and decrypting DB2/400 or IFS files, and even individual DB2/400 fields just a few bytes long. Also provided in the package is an encryption key management system for ensuring the secure storage of AES keys for field- and file-level encryption. The encryption software can be used to encrypt backups to tape or optical media, and programmers can use the APIs and source code provided by Pat Townsend to integrate AES encryption into RPG and COBOL applications.
A Window on iSeries Encryption
There is a lot of iSeries-Windows compatibility with AES/400, as DB2/400 or IFS files encrypted on the iSeries can be decrypted on Windows PCs or servers. AES/400 also provides the option to convert the data to ASCII or to retain it its original EBCDIC character set, or to convert just the decryption pass phrase to ASCII. The product also comes with a free Windows-based AES encryption application that generates encrypted Windows files that can be decrypted by AES/400 on an iSeries.
But the product’s greatest iSeries-Windows compatibility lies in its capability to create self-decrypting archives. AES/400 can package self-decrypting archives that open on a Windows PC or server and do not require the recipient to have third-party software. The product can configure the self-decrypting archives to open after the user types in the correct pass phrase, or to open without a pass phrase, which, the company says, is handy if you’re automating the encryption process from a command line.
If FTP is your favored means of distributing files, consider deploying AES/400 with Pat Townsend’s Alliance FTP Manager, which is where the company first delivered its AES security software this spring (see “Patrick Townsend Brings 256-Bit AES Encryption to DB2/400 Data” in the April 6 issue of this newsletter). There are advantages to deploying AES/400 with FTP Manager, such as the capability to automatically encrypt and distribute files to customers or business partners.
Pat Townsend, president of the company, says that industry regulation, such as the Sarbanes Oxley Act, Gramm Leach Bliley, and the California Privacy Notification Act, is driving the adoption of encryption. “Everyone knows the risk of not encrypting credit card numbers, Social Security numbers, and other sensitive information,” Townsend says. “But deploying the right encryption technology and key management facilities has been a daunting task. We are attempting to take some of the pain out of the process with this new software product.”
Pat Townsend is also encouraging interest from software vendors that are interested in embedding AES/400 in their products.
Alliance AES/400 works with V4R5 and later versions of OS/400, and it is certified on the latest i5/OS release. Pricing for the product is tier-based and ranges from $4,500 to $9,500 per machine or logical partition; volume and high availability discounts are also available.