• The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
Menu
  • The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
  • Townsend Brings Modern Crypto Capabilities To Legacy RPG Apps

    May 18, 2016 Alex Woodie

    The field-level encryption capability that IBM introduced with IBM i 7.1 is a powerful tool for securing sensitive data. However, IBM i shops that have not modernized their legacy RPG applications with SQL access methods find it difficult to use. That should change with new technology coming out of Townsend Security this week at the COMMON conference in New Orleans.

    The DB2 field procedure exit point that IBM launched in 2010 helped a lot of IBM i shops to encrypt their data on a field-level. The capability to encrypt pieces of sensitive data residing in particular parts of their DB2 for i databases, while leaving other pieces of data untouched, was a blessing to companies in retail, healthcare, and financial services industries struggling to comply with tough new security mandates.

    However, the FieldProc came with a catch. While it worked just fine if your IBM i application accessed data via SQL calls, it didn’t work quite so well for older RPG applications using native I/O methods to access the database. The FieldProc method proved especially troublesome for companies that organized their databases in a particular way–when they built column-level indexes for sensitive data.

    Patrick Townsend, the CEO and founder of Townsend Security, explains the significance. “Many–perhaps most–IBM i customers have not been able to leverage FieldProc automatic encryption because of the inherent limitations in legacy RPG I/O,” he tells IT Jungle via email. “Encrypted indexes just don’t work as expected with the older I/O model.”

    IBM’s path forward for these IBM i shops entails re-engineering RPG applications to use the SQL Query Engine (SQE). “But this means a huge investment for most IBM i customers that provides little in the way of business improvement,” Townsend adds. “So most IBM i customers have been on the sidelines.”

    So Townsend decided to do something about it, using another relatively recent piece of IBM technology: Rational Open Access: RPG Edition, which is sometimes called OAR, ROAR, or RPG OA.

    How Townsend Security implemented OAR to streamline access to FieldProc.

    OAR, you will remember, is a modernization tool that enables IBM i shops to bypass native RPG I/O and create intermediary programs, called “handlers,” that enable the RPG application to communicate with a device for which it wouldn’t normally be able to communicate in a native manner. The 5250 data stream, of course, is not an ideal way to communicate with modern Web browsers and mobile devices, which were the primary targets that IBM envisioned OAR to be used with.

    But IBM was clear that Web and mobile clients weren’t the only uses for OAR, and it appears that Townsend has hit on another. To that end, yesterday Townsend announced that it has used OAR to enable RPG apps to bypass native I/O and instead talk SQL. The OAR handler that Townsend developed appears as an F spec in the RPG code, and essentially makes the RPG application look like it talks SQL to the database via the SQL Query Engine (SQE). In this manner, Townsend enables older RPG applications to work with the FieldProc via SQL.

    Here’s how the company describes it:

    “The Townsend Security solution maps legacy RPG file operations like CHAIN, SETLL and other operations to native SQL statements, while preserving the functional integrity of the original RPG business logic. This means that IBM i customers can install the Townsend Security code, make one line of change to their application source code, and effectively convert the application to SQL,” the company says.

    The result of all this, Patrick Townsend says, is a simple solution to a complex problem. “It’s like magic,” Townsend says. “Many IBM i customers have struggled with the implementation of encryption using FieldProc because of the limitations of RPG applications, which use encrypted indexes. For most of our customers, this will open the way to deploying encryption with a minimum of disruption. IBM i customers have a huge business investment in RPG applications.”

    Townsend Security is now selling this FieldProc solution in AES/400, its flagship encryption software for IBM i. AES/400 implements a set of AES encryption APIs and supports for encrypting save files, IFS files, and tape files. The software works with local key stores as well as Alliance Key Manager, which is the company’s FIPS 140-2-compliant key manager solution.

    The company is also starting an early adopter program for the new FieldProc capability. If you’re interested in joining it, you can contact Townsend at the company’s website, www.townsendsecurity.com.

    RELATED STORIES

    File Integrity Monitoring Comes to IBM i

    Townsend Automates IBM i Encryption with ‘Field Proc’

    Share this:

    • Reddit
    • Facebook
    • LinkedIn
    • Twitter
    • Email

    Tags:

    Sponsored by
    DRV Technologies, Inc.

    DRV’s FlexTools family of software solutions streamline resources, improve efficiency and enable pro-active system management.

    Solutions include:

    • Convert spooled files to Excel & PDF
    • Automated email distribution & archive
    • Electronic forms to print, email & archive
    • Secure laser check printing
    • IBM i system monitoring

    Better software, better service, DRV Tech.

    Learn how you can get more from your IBM i at www.drvtech.com

    Call 866 378-3366 for a Free Demonstration

    Share this:

    • Reddit
    • Facebook
    • LinkedIn
    • Twitter
    • Email

    Sponsored Links

    System i Developer:  RPG & DB2 Summit - October 4-6 2016 in Chicago. Register now!
    ASNA:  FREE Webcast: Give your RPG applications the UI they deserve with ASNA Wings. May 19
    Profound Logic Software:  'i on the Enterprise' Worldwide Virtual Event. June 8. Register Now!

    RDi Debug Without SEPs Clearlake Sees Vision Deal As M&A Platform In IBM i Land

    Leave a Reply Cancel reply

Volume 26, Number 23 -- May 18, 2016
THIS ISSUE SPONSORED BY:

Maxava
Profound Logic Software
ASNA
HiT Software
Baseline Data Services

Table of Contents

  • Product Highlights From Spring COMMON 2016
  • Townsend Brings Modern Crypto Capabilities To Legacy RPG Apps
  • Manufacturer Leans In On Shop Floor Automation
  • Rocket Brings Mobile App DevOps Into The IBM i Fold
  • Responsive Design, Node.js Top BCD App Dev Enhancements

Content archive

  • The Four Hundred
  • Four Hundred Stuff
  • Four Hundred Guru

Recent Posts

  • The IBM i Power10 Upgrade Cycle Forecast Looks Favorable
  • White Hats Completely Dismantle Menu-Based Security
  • Cloud Software To Drive Enterprise Application Growth
  • How Do You Stay In Touch With The IBM i Community?
  • IBM i PTF Guide, Volume 25, Number 6
  • Security Still Top Concern, IBM i Marketplace Study Says
  • Bob Langieri Shares IBM i Career Trends Outlook for 2023
  • Kisco Brings Native SMS Messaging to IBM i
  • Four Hundred Monitor, February 1
  • 2023 IBM i Predictions, Part 4

Subscribe

To get news from IT Jungle sent to your inbox every week, subscribe to our newsletter.

Pages

  • About Us
  • Contact
  • Contributors
  • Four Hundred Monitor
  • IBM i PTF Guide
  • Media Kit
  • Subscribe

Search

Copyright © 2022 IT Jungle

loading Cancel
Post was not sent - check your email addresses!
Email check failed, please try again
Sorry, your blog cannot share posts by email.