• The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
Menu
  • The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
  • Automating Database Encryption Expands Linoma’s Portfolio

    September 4, 2007 Dan Burger

    Everyone seems to completely comprehend the importance of data encryption. The loss of sensitive data, whether it pertains to customers, employees, or trade secrets, can put a lot of folks in a world of hurt. So why, then, are so few organizations doing it? Probably the biggest obstacle has been the difficult and time-consuming encryption implementation process. Linoma Software hopes to lower that hurdle with the introduction of its new product called Crypto Complete.

    Linoma has been developing encryption tools for several years. It has products, such as Transfer Anywhere, that make use of various encryption technologies, such as the SSL and SSH that are used for transmitting files (with trading partners, for instance), as well as the AES, Open PGP, and ZIP technologies that are used in encrypting backup libraries, objects, and IFS files that are stored on tape, disk, and other devices.

    Bob Luebbe, Linoma’s president, says the company’s customers have been asking for encryption on database files. “It is being driven by the PCI standards for the credit card industry, and started off as a focus on credit card numbers, but then it expanded to things like bank account numbers, social security numbers, and wages,” Luebbe says. “The pressure is on to protect the information of customers and employees.”

    Crypto Complete is designed to automate the complex encryption of database files that are incorporated into applications. Every program that places data in the database file calls out APIs that encrypt information on the screen before storing it in the database.rnSome of the changes required are extensive. And when certain data–a social security number, for instance–gets entered into multiple programs, the changes need to be made in each location.

    “We looked for a way to automate those program changes,” Luebbe says. “No one in the marketplace was doing that. We wanted to alleviate the time and effort part of doing encryption. It’s complex and time consuming. You have to understand how encryption works and how key management works. A lot of shops have no exposure to encryption.”

    The companies that have undertaken this task dedicated the people resources to get through it, but Luebbe says the mid size and smaller companies that are mandated to encrypt credit card numbers are being overwhelmed with the learning curve and the amount of changes they have to make. Because it is such a monumental effort, they have put it off.

    Crypto Complete makes use of encryption algorithms that have been built into the IBM i5/OS operating system since V5R1. “We are an IBM business partner and so we worked with them as our ideas developed,” Luebbe says. “We built the management screens and commands around the IBM APIs and just made them easier to use.”

    The encryption process starts with a screen where the database to be encrypted is registered. The user gives the command to encrypt a specified field, notes the file where that field resides, and notes the encryption key that is being used. Crypto Complete will encrypt all the data in that field. It uses triggers on the files that will trap updates or additions to that file and automatically encrypt that field. No manual changes are required, and this includes the major benefit of not needing to modify application programs.

    On the decryption side, complete automation would defeat the purpose of encryption. So you need to purposely code the applications that initially needed the encryption. However, instead of having 30 parameters to pass, like you might have without the automation Crypto Complete provides, you may have only six.

    The amount of programming required on the decryption side will vary depending on the type of application. It could be a single program, such as an order view screen that contains sensitive information. In another case, there could be multiple screens and multiple applications to modify. The authorized programmer is in control of where the decrypted values should be shown. The more fields you are encrypting, the more changes are necessary on the decryption side.

    “With our APIs, we have simplified the process,” Luebbe says. “IBM has tried to provide every potential option that any customer could want for a particular function, which gives them really complex APIs. We focused on the databases that a specific customer wants to decrypt and we know what key to use and the decrypted value.”

    Another time-saver built into Crypto Complete takes into account the hassles of dealing with field sizes and lengths. To begin, numeric fields cannot store encrypted data because they only hold the numerals zero through nine. Encrypted data uses the entire hex decimal set from zero to 255 with a combination of numbers, letters, and special characters.

    Normally encryption requires a certain build size. It is 16 characters in a lot of cases. That causes a problem, for instance, with Social Security numbers, which are only nine digits long. Expanding the field length to hold at least 16 bytes of encrypted data is one of those tasks that can be very time intensive.

    Linoma designed Crypto Complete to encrypt numeric fields as well as small fields. It did this by allowing users to store the encrypted value in an external file. However, files stored externally remain just as manageable as if they were stored internally. This does require an extra database I/O, but Luebbee says its impact has been minimized.

    “Most systems have so much horsepower that this additional database I/O will be insignificant,” he says. “If you have a machine that is already overloaded and users are already experiencing long response times, making this step certainly won’t help. But in the testing that we’ve done, and from what our beta customers have told us, there has been no noticeable impact to their response times.”

    The area of key management is also important to encryption. Safeguards need to be in place to prevent key access by unauthorized personnel who can then decrypt data. Crypto Complete measures up to stringent PCI requirements in this area.

    In the past, key changes required decrypting all existing data that used that key. Then that data was re-encrypted with the new key. This was not a big problem for organizations that only changed keys every couple of years. But some companies are now rotating keys as frequently as every 90 days. Others are on twice a year schedules.

    With Crypto Complete, Linoma made it easy to change the key at any time and any new data will be encrypted to that new key immediately. There are provisions for keeping track of which keys are used and which records they are protecting. It is possible to re-encrypt the old data and bring everything up to the new key. It is automated, but if millions of records are in the file, it’s going to take some time.

    Crypto Complete also has SQL capabilities. “We realized a lot of people are not only coding green-screen applications in RPG or COBOL, but they are also hitting their database with Java and C and Web apps,” Luebbe says. “So we developed a function in stored procedures that users can call from those other distributed languages so they can, with the proper authority, have encrypted and decrypted data. We are taking care of both the green-screen and the GUI/Web world so they can have access to data.”

    For more details on Crypto Complete, see the Linoma Software Web page. The product is available as of today. Pricing, which is based on processor group, begins at $3,995 and ranges up to $14,000.

    RELATED STORIES

    Linoma Expands Security Power on Data Transfer Product

    Linoma Boosts Security and Automation of Data Transfer Tool

    Linoma Boosts Security Automation with OS/400 Data Transfer Tool



                         Post this story to del.icio.us
                   Post this story to Digg
        Post this story to Slashdot

    Share this:

    • Reddit
    • Facebook
    • LinkedIn
    • Twitter
    • Email

    Tags:

    Sponsored by
    PERFSCAN

    Revolutionary Performance Management Software

    At Greymine, we recognize there is a void in the IT world for a dedicated performance management company and also for a performance management tool that’s modern, easy to use, and doesn’t cost an arm and a leg. That’s why we created PERFSCAN.

    PERFSCAN is designed to make your job easier. With revolutionary technology, an easy-to-read report and graphics engine, and real time monitoring, tasks that used to take days can now take minutes. This means you will know your system better and will be able to provide better service to your customers.

    OUR FEATURES

    PERFSCAN is full of robust features that don’t require you to take a three-day class in order to use the product effectively.

    Customizable Performance Reporting

    Whether you are troubleshooting a major system problem or simply creating a monthly report, PERFSCAN lets you select any combination of desired performance metrics (CPU, Disk, and Memory).

    User Defined Performance Guidelines

    No matter if you are a managed service provider managing complex systems in the cloud or a customer analyzing your on-premises solution, PERFSCAN gives you the flexibility to define all mission critical guidelines how they need to be.

    Understanding The Impact Of Change

    Tired of all the finger pointing when performance is suffering? PERFSCAN’s innovative What’s Changed and Period vs. Period analysis creates a culture of proof by correlating known environmental changes with system performance metrics.

    Comprehensive Executive Summary

    Creating performance graphs is easy. Understanding what they mean is another thing. With one mouse click, PERFSCAN includes an easy-to-understand executive summary for each core metric analyzed.

    Combined Real-Time Monitor And Performance Analysis Tool

    With PERFSCAN’s combined built in enterprise real-time monitor and historical performance analysis capability, you will always know how your mission-critical systems are performing.

    Cloud Performance Reporting Is Easy

    Managing performance for production systems in the cloud can be a black hole to many system administrators. The good news is PERFSCAN analyzes all core metrics regardless of the location. That’s why MSPs and customers love PERFSCAN.

    Detailed Job Analysis

    PERFSCAN shows detailed top job analysis for any desired period. All metrics are displayed in two ways: Traditional Report and Percentage Breakdown Pie Chart. This toggle capability instantly shows the jobs using the most system resources.

    Save Report Capability

    Your boss lost the report you gave to him on Friday. Now what do you do? With PERFSCAN’s save report capability, any report can be retrieved in a matter of seconds.

    Professional PDF Reporting With Branding

    Creating professional looking reports for your customers has never been easier with PERFSCAN. Branding for our partners and service provider customers is easy with PERFSCAN.

    Check it out at perfscan.com

    Share this:

    • Reddit
    • Facebook
    • LinkedIn
    • Twitter
    • Email

    Sponsored Links

    Vision Solutions:  Vision Solutions and Lakeview Technology are now one
    Affirmative Computer:  YEStablet wireless thin client supports 5250 and 3270 emulation
    COMMON:  Join us at the annual 2008 conference, March 30 - April 3, in Nashville, Tennessee

    IT Jungle Store Top Book Picks

    The System i Pocket RPG & RPG IV Guide: List Price, $69.95
    The iSeries Pocket Database Guide: List Price, $59.00
    The iSeries Pocket Developers' Guide: List Price, $59.00
    The iSeries Pocket SQL Guide: List Price, $59.00
    The iSeries Pocket Query Guide: List Price, $49.00
    The iSeries Pocket WebFacing Primer: List Price, $39.00
    Migrating to WebSphere Express for iSeries: List Price, $49.00
    iSeries Express Web Implementer's Guide: List Price, $59.00
    Getting Started with WebSphere Development Studio for iSeries: List Price, $79.95
    Getting Started With WebSphere Development Studio Client for iSeries: List Price, $89.00
    Getting Started with WebSphere Express for iSeries: List Price, $49.00
    WebFacing Application Design and Development Guide: List Price, $55.00
    Can the AS/400 Survive IBM?: List Price, $49.00
    The All-Everything Machine: List Price, $29.95
    Chip Wars: List Price, $29.95

    Admin Alert: Magical & Mysterious iSeries Access CWB Programs SugarCRM Delivers ‘Landmark’ Release

    Leave a Reply Cancel reply

Volume 7, Number 33 -- September 4, 2007
THIS ISSUE SPONSORED BY:

ProData Computer Services
Aldon
Vision Solutions
COMMON
RJS Software Systems

Table of Contents

  • SugarCRM Delivers ‘Landmark’ Release
  • Automating Database Encryption Expands Linoma’s Portfolio
  • Services a Priority at ASNA after Merger with BluePhoenix
  • The Data Quality Inflection Point
  • Global Supports Infor ERP XA and SyteLine with Spreadsheet Server
  • New ESB from iWay Deploys on J2EE App Servers
  • Sterling Gives Peek at Next Release of Gentran
  • Gate Petroleum Licenses Boomi for AS/400 Integration
  • Insurance Company to Install Lawson S3 on System i
  • Expand Bolsters Network Acceleration Devices

Content archive

  • The Four Hundred
  • Four Hundred Stuff
  • Four Hundred Guru

Recent Posts

  • IBM i Delivers Sizable Benefits, Forrester Consulting Reports
  • SBOMs Will Come to IBM i, Eventually
  • IBM i Backup Provider Storagepipe Snapped Up By Thrive
  • Four Hundred Monitor, June 7
  • IBM i PTF Guide, Volume 25, Number 23
  • Power10 Boosts NVM-Express Flash Performance
  • Fortra Completes Postmortem Of GoAnywhere Vulnerability
  • Guru: Binding Directory Entries
  • How Does Your Infrastructure Spending Stack Up To The World?
  • IBM i PTF Guide, Volume 25, Number 22

Subscribe

To get news from IT Jungle sent to your inbox every week, subscribe to our newsletter.

Pages

  • About Us
  • Contact
  • Contributors
  • Four Hundred Monitor
  • IBM i PTF Guide
  • Media Kit
  • Subscribe

Search

Copyright © 2023 IT Jungle