Your Browser is not longer supported

Please use Google Chrome, Mozilla Firefox or Microsoft Edge to view the page correctly
Loading...

{{viewport.spaceProperty.prod}}

Application scenarios

The EXTERNAL_ACCOUNTS file is rated as “security-relevant” and is thus to be maintained in encrypted form. It is converted once only into an encrypted file:

/ENCRYPT-FILE FILE-NAME=EXTERNAL_ACCOUNTS, -

              CRYPTO-PASSWORD='ELEPHANT',CONFIRM-PASSWORD='ELEPHANT'

You can then check whether and with which encryption method the file was encrypted:

/SHOW-FILE-ATTRIBUTES EXTERNAL_ACCOUNTS,SECURITY=*YES
0000000066 :X:$U234.EXTERNAL_ACCOUNTS 
------------------------------- SECURITY     -----------------------------
   READ-PASS  = NONE        WRITE-PASS = NONE        EXEC-PASS  = NONE
   USER-ACC   = OWNER-ONLY  ACCESS     = WRITE       ACL        = NO
   AUDIT      = NONE        FREE-DEL-D = *NONE       EXPIR-DATE = 2007-02-08
   DESTROY    = NO          FREE-DEL-T = *NONE       EXPIR-TIME =   00:00:00
   SP-REL-LOCK= NO          ENCRYPTION = AES
 :X:    PUBLIC:      1 FILE  RES=        66 FRE=       50 REL=       18 PAGES

The following application scenarios show the different requirements for applications or users which result from working with encrypted files.
Some of the applications must be adapted, with others it is sufficient to specify the crypto password to work with encrypted files.

The following application scenarios are presented:

  • Application writes to an encrypted file

  • Application reads an encrypted file and generates an encrypted output file

  • Processing encrypted files in procedures

  • Forwarding an encrypted file to subtasks

  • Printing out an encrypted file

  • Administering encryption

Application writes to an encrypted file

The UPDATE.EXT_ACCO application enters the current account balances in the EXTERNAL_ACCOUNTS file. The application can remain unchanged even if the EXTERNAL_ACCOUNTS file is now encrypted. Before the application is called only the crypto password need be specified:

/ADD-CRYPTO-PASSWORD 'ELEPHANT'
/START-EXEC-PROGRAM UPDATE.EXT_ACCO 
/REMOVE-CRYPTO-PASSWORD 'ELEPHANT'

Application reads an encrypted file and generates an encrypted output file

The KONTSORT application sorts the accounts according to the current account balances and generates an output file for this purpose. If the input file is encrypted (as for example the EXTERNAL_ACCOUNTS file), the output file should also be encrypted in the same way. KONTSORT must be modified for this purpose.

After the output file has been created and before it is opened, the conversion must be entered in an encrypted file:

FILE OUTPUT_FILE 
ENCFILE PATHNAM='OUTPUT_FILE',REFFILE='INPUT_FILE'
OPEN OUTPUT_FILE

If the input file is not encrypted, execution of the ENCFILE macro is rejected and the output file is not encrypted. If the input file is encrypted, the encrypted output file is assigned the same crypto password as the input file. This must be specified when the KONTSORT application is called (as in "Application writes to an encrypted file") so that KONTSORT can open the input file.

Processing encrypted files in procedures

The UPDATE.EXT_ACCO program (see "Application writes to an encrypted file") must be called in the S procedure UPDATE.PROC which is run each day by the systems support. The ADD-CRYPTO-PASSWORD='ELEPHANT' statement has been entered in the S procedure, but the systems support should not know the crypto password.

Procedure: The S procedure UPDATE.PROC is converted with COMPILE-PROCEDURE (SDF-P is required for this). The result is a compiled procedure file in which the crypto password is no longer readable. Only this file is made accessible to the systems support. Systems support can execute it, but not read it.

Forwarding an encrypted file to subtasks

The TAX.EXT_ACCO program analyzes each account in the EXTERNAL_ACCOUNTS file and creates tax certificates for them. The program operates asynchronously in multiple subtasks and opens the encrypted file EXTERNAL_ACCOUNTS there. Specifying the crypto password via the task-specific crypto password table is not suitable for this purpose because the authorization is not required by the calling task, but in the subtasks. The program must thus be modified.

A program parameter is introduced via which the crypto password can be specified. The program call then looks as follows:

/START-EXEC-PROGRAM TAX.EXT_ACCO

*Crypto-Password: 'elephant'

The program must then forward the specified crypto password to the subtasks which open the EXTERNAL_ACCOUNTS file.
In the subtask the program must then specify the crypto passsword via the P1-FCB (for a description of the FCB macro see the “DMS Macros” manual [1 (Related publications)]) before opening the EXTERNAL_ACCOUNTS file.

Printing out an encrypted file

When printing out an encrypted file (manually or from a program) security considerations must be borne in mind – particularly in the case of a centralized printout.
You can satisfy these security considerations by, for example, restricting the printouts to manual printouts only on a local printer in the same room.

An encrypted file cannot be printed out directly. The user must temporarily generate an unencrypted copy of the file to be printed out and print out this copy. After the copy has been printed out its contents must be overwritten with binary zeros.

/ADD-CRYPTO-PASSWORD 'ELEPHANT'
/COPY-FILE EXTERNAL_ACCOUNTS,TEMP-PRINT
/DECRYPT-FILE TEMP-PRINT
/REMOVE-CRYPTO-PASSWORD 'ELEPHANT'
/PRINT-DOCUMENT TEMP-PRINT,DELETE-AFTER-PRINT=*DESTROY

Note

If the TEMP-PRINT copy is created as a private disk file before COPY-FILE, the file content is decrypted with COPY-FILE (because a private disk file may not be encrypted), which means that DECRYPT-FILE is not needed.

Administering encryption

The auditing department must monitor the use of encrypted files, check on the assignment of crypto passwords, and store them in a safe place to prevent them being lost.

  1. The auditing department sets up its own ID SAMPLE on the pubsets which are to contain encrypted files.

    In addition it sets the system parameter FREFCRYP to the value “SAMPLE” in those systems where encryption is to be used.

    Now encrypted files can only be set up outside the ID SAMPLE with reference to files which are already encrypted and no longer using freely selectable crypto passwords.

  2. The department for foreign accounts applies to the auditing department for permission to use encrypted files.

  3. The auditing department authorizes this and sets up a shareable file with the name $SAMPLE.REFERENZ.EXTERNAL_ACCOUNTS. The file content is irrelevant.

  4. The representative for the foreign accounts converts this file into an encrypted file and specifies a self-defined crypto password.

  5. A hardcopy of this ENCRYPT-FILE call (with the defined crypto password) is sealed and placed in the safe of the auditing department.

  6. The department for foreign accounts can now encrypt files on its ID as required by referring to this reference file.

    It is not possible for the department to refer to other reference files if it does not know the associated crypto password.

  7. An in-house convention could be, for example, that employees who know the associated crypto password are listed in the reference file.

Powered by Atlassian Confluence and Scroll Viewport.