Line: 1 to 1 | |||||||||
---|---|---|---|---|---|---|---|---|---|
| |||||||||
Added: | |||||||||
> > | |||||||||
APPXIO Data Encryption | |||||||||
Changed: | |||||||||
< < | Encryption of APPXIO data is now an available option at the System, Database, Application, and File levels. | ||||||||
> > | Effective with Release 5.0.0, the APPX Utility includes an option to encrypt APPXIO data files. | ||||||||
Changed: | |||||||||
< < | How to encrypt a file | ||||||||
> > | OverviewRelease 5.0.0 or higher of the APPX Utility allows APPXIO data files to be optionally encrypted. Encrypting data files can provide an added layer of security for sensitive data. If an encrypted file is opened by any program other than APPX, the encrypted data is unintelligible. This means that backup copies of encrypted files on tape or disk are also secure since they cannot be deciphered without the appropriate software and encryption keys. If an encrypted data file is moved to another APPX server, it cannot be deciphered unless the APPX server is configured with the appropriate encryption keys and meets other necessary criteria.How to Enable APPXIO File EncryptionThe APPXIO file encryption feature is easily enabled by entering a passphrase into the Encryption Passphrase field of the System Parameter Record in APPX System Administration. Setting the system Encryption Passphrase enables the APPXIO file encryption feature but does not actually cause any files to be encrypted. To enable encryption of individual files, you must also enter an encryption key into the file specifications for each of the individual files that are to be encrypted or you must enter an encryption key into the FMS group specifications for each group of files that are to be encrypted. Finally, after entering a system Encryption Passphrase and entering the appropriate encryption key(s), you must create the files that are to be encrypted. If the files already exist, they must be Initialized or Scratched and then Created. If existing files are to be encrypted, the data must be exported before entering the encryption keys and then imported. So, the three steps required to enable encryption of APPXIO data files are:
How to Set or Change the System Encryption PassphraseThe system Encryption Passphrase can be set or changed from the System Parameter maintenance screen:System Administration --> System Setup --> System ParametersTo set the system Encryption Passphrase, you must click on the "Change" button next to the Encryption Passphrase field. You will then be presented with the following form which will allow you to set the system Encryption Passphrase. If no data files have actually been encrypted, the system Encryption Passphrase may be safely changed. However, if any data files have been encrypted, you must follow the steps outlined below to change the system Encryption Passphrase. If you do not follow these steps, any previously encrypted data files will no longer be accessible by the system.
How to Enter an Encryption Key For a FileThe encryption key for a specific file is entered in Database Management.Database Management --> File Specifications --> File AttributesThe same encryption key value can be entered for each file or each file can have its own unique encryption key. An easy way to ensure that each file has a unique encryption key is to use the Random Key button to automatically generate a random key for the file. If you choose to enter an encryption key, you should choose "strong" key values just as you would for a password. This means that your key should not be a common name or word, should include a mixture of letters, numbers, and special characters, and should be more than a few characters in length. How to Enter an Encryption Key for a FMS groupThe encryption key for a FMS group is entered in System Administration.System Administration --> Configuration --> File System Groups --> FMS Group AttributesThe same encryption key value can be entered for each FMS Group or each FMS Group can have its own unique encryption key. An easy way to ensure that each FMS Group has a unique encryption key is to use the Random Key button to automatically generate a random key for the FMS Group. If you choose to enter an encryption key, you should choose "strong" key values just as you would for a password. This means that your key should not be a common name or word, should include a mixture of letters, numbers, and special characters, and should be more than a few characters in length. How to Create A New Encrypted FileThe following steps must be followed to encrypt a new file.
How to Encrypt an Existing FileThe following steps must be followed to encrypt an existing APPXIO file:
| ||||||||
If the file already exists in an unencrypted state, you should first export the data. | |||||||||
Line: 13 to 75 | |||||||||
Then, you must enter encryption keys in the file specification for the file that you wish to encrypt or define an FMS group with encryption keys and assign the FMS group to the file that you wish to encrypt. Then you can create the file or, if the file already exists, you can import the data that you previously exported. If you import, be sure to specify the replace option so that the old file will be scratched and recreated as an encrypted file. | |||||||||
Changed: | |||||||||
< < | Sharing Encrypted Files | ||||||||
> > | How to Disable APPXIO File EncryptionSharing of Encrypted Files | ||||||||
Encrypted files are secure. If you copy them to another APPX system you will not be able to read them unless you use the same encryption keys that were used on the system that created the file and the same passphrase. | |||||||||
Added: | |||||||||
> > | Recovery of Corrupted Encrypted FilesEncrypted files which have become corrupted may be recovered by using the "recover" option of the APPX Utility engine. The recovery process for encrypted files is the same as the recovery process for non-encrypted files.appx -recover [ -c ] old_file new_file [ del_rec_file ]For additional information on the use of the recover option, you can run: appx -recover Recovery of Undecipherable Encrypted FilesYou should keep a record of the system Encryption Passphrase and the Encryption Keys that have been entered in a secure location that can be accessed in the event that you need to reenter the information. Once entered, the Encryption Passphrase and the Encryption Keys should not be needed again unless you find yourself in a situation where your System Administration files have become corrupted or lost and you cannot restore them from a backup. You might also need this information to set up an additional APPX server that needs to be able to access encrypted data files that were created on another APPX server. You will not be able to access your encrypted data files unless you are able to reenter the exact System Passphrase and the exact Encryption Keys that were used to create and process the encrypted data files. In the unlikely event that you to find yourself in the situation where your encrypted files cannot be accessed because you are unable to correctly enter the necessary System Passphrase and Encryption Keys, you should contact APPX Software, Inc. for assistance with recovering the encrypted data.Limitations:
| ||||||||
Issues:
| |||||||||
Line: 30 to 109 | |||||||||
-- AlKalter - 04 Apr 2008 \ No newline at end of file | |||||||||
Added: | |||||||||
> > |
|