Difference: APPXIODataEncryptionEs (1 vs. 3)

Revision 32010-03-17 - RayPelegrino

 			 META TOPICPARENT 
			 name="APPX500FeaturesEs" 
		
 APPXIO Data Encryption
- META TOPICPARENT
+ name="APPX500FeaturesEs"
  How to Set or Change the System Encryption Passphrase
-<
<
+The system Encryption Passphrase can be set or changed from the System Parameter maintenance screen:
System Administration --> System Setup --> System Parameters
->
>
+En el sistema Encryption Passphrase puede se definir o cambiar con de la pantalla de System Parameter maintenance: System Administration --> System Setup --> System Parameters
-<
<
+To set the system Encryption Passphrase, you must click on the "Change" button next to the Encryption Passphrase field. You will then be presented with the following form which will allow you to set the system Encryption Passphrase.
->
>
+Para fijar system Encryption Passphrase, usted debe seleccionar el boton "Change" acerca del campo Encryption Passphrase. Usted entonces va tener un form que les permitira fijar system Encryption Passphrase.
-<
<
+If no data files have actually been encrypted, the system Encryption Passphrase may be safely changed. However, if any data files have been encrypted, you must follow the steps outlined below to change the system Encryption Passphrase. If you do not follow these steps, any previously encrypted data files will no longer be accessible by the system.
->
>
+Si no hay archivos sendo encrypted, el Encryption Passphrase del sistema puede cambiar con seguridad. Sin embargo, si hay alguno archivo encrypted, usted debe seguir los pasos abajo para cambiar system Encryption Passphrase. Si usted no segui esos pasos, cualquier archivos previamente encrypted no van ser acesibles en su sistema.
-<
<
+ Make sure that no users are accessing the system Do not attempt to change the system Encryption Passphrase while other users are accessing the system.
  Export all of the encrypted APPXIO data files in all APPX databases. The Export herramienta on the Database Management menu should be used to export the encrypted APPXIO data files.
  Use the System Parameters maintenance process in System Administration to change the system Encryption Passphrase. The Set/Change Passphrase screen includes a report that can be run to obtain a list of all FMS groups and files which have been encrypted. Use this list to verify that you have exported all of the encrypted files.
  Change all of the encryption keys that have been entered for individual files and for FMS groups in all databases.
  Import all of the APPXIO data files in all APPX databases that you exported in step 2. Be sure to specify the "Replace" option for the data import.
->
>
+ Estea cierto que no hay usuarios en su sistemoa. No se puede cambiar system Encryption Passphrase enquanto otros usuarios estan en el sistema.
  Exportar todos los archivos encrypted APPXIO en todos las bases de datos de APPX. La herramienta de Export en Database Management menu debe ser usada para exportar los datos de los archivos encrypted de APPXIO.
  Use el proceso de System Parameters mantenimiento en System Administration para change the system Encryption Passphrase. la pantalla Set/Change Passphrase incluye a report que se puede ejecutar para obtener una lista de todos los grupos de FMS y archivos que pueden ser encrypted. Use esta lista para verificar que usted tiene exported todos los archivos encrypted.
  Cambie todos las llaves de encryption que fueron agregadas para individual files y para FMS groups en todas las bases de datos.
  Importe todos los archivos de datos de APPXIO en todos las bases de datos de APPX que usted exported en el paso 2. Estea cierto que a especificar una opcion "Replace" para data import.
  Enter/Edit File Encryption Keys
-<
<
+The encryption key for a specific database instance of a file can be set or changed in Database Management.
Database Management --> File Specifications --> File Attributes
->
>
+La llave de encryption para una base de datos especifica de un archivo puede ser fijada o cambiada en Database Management. Database Management --> File Specifications --> File Attributes
-<
<
+The same encryption key value can be entered for each file or each file can have its own unique encryption key. An easy way to ensure that each file has a unique encryption key is to use the Random Key button to automatically generate a random key for the file. If you choose to enter an encryption key, you should choose "strong" key values just as you would for a password. This means that your key should not be a common name or word, should include a mixture of letters, numbers, and special characters, and should be more than a few characters in length.
->
>
+La misma llave de encryption value puede ser llenada para cada archivo o cada archivo puede tener sy llave de encryption unica. Una boa manera de estar cierto que cada archivo tiene una llave de encryption unica es usar el boton Random Key para generar una llave automaticamente para el archivo. Si usted desea entrar valores "fuertes" tal como usted usa en una contrasena. Eso significa que su llave no debe ser un nombre comun o una palavra, debe incluyer letras, numeros y caracteres especiales y ser mas grante que solamente unos caracteres.
  Enter/Edit FMS Group Encryption Keys
-<
<
+The encryption key for a FMS group is entered in System Administration.
System Administration --> Configuration --> File System Groups --> FMS Group Attributes
->
>
+La llave de encryption para el grupo FMS es llenada en System Administration. System Administration --> Configuration --> File System Groups --> FMS Group Attributes
-<
<
+The same encryption key value can be entered for each FMS Group or each FMS Group can have its own unique encryption key. An easy way to ensure that each FMS Group has a unique encryption key is to use the Random Key button to automatically generate a random key for the FMS Group. If you choose to enter an encryption key, you should choose "strong" key values just as you would for a password. This means that your key should not be a common name or word, should include a mixture of letters, numbers, and special characters, and should be more than a few characters in length.
->
>
+La misma llave de encryption value puede ser llenada para cada FMS Group o cada FMS Group puede tener sy llave de encryption unica. Una boa manera de estar cierto que cada FMS Group tiene una llave de encryption unica es usar el boton Random Key para generar una llave automaticamente para el FMS Group. Si usted desea entrar valores "fuertes" tal como usted usa en una contrasena. Eso significa que su llave no debe ser un nombre comun o una palavra, debe incluyer letras, numeros y caracteres especiales y ser mas grante que solamente unos caracteres.
  How to Create A New Encrypted File
-<
<
+The following steps should be followed to encrypt a new APPXIO file. 
 If APPXIO file encryption has not already been enabled on your system, first follow the steps for enabling APPXIO file encryption.
  Add the new file definition to the data dictionary in your APPX Application.
  Enter the appropriate encryption key in the file specifications for each database instance of the file that you wish to encrypt or assign each database instance of the file to an FMS group for which you have entered an encryption key.
  Create each database instance of the file.
->
>
+Los pasos seguintes deben ser usados para encrypt un nuevo archivo APPXIO. Si APPXIO file encryption no esta fijado enabled en su sistema, primero hay que seguir los pasos para enabling APPXIO file encryption. 
 Agregar nueva version de definicion en el data dictionary en su APPX Application.
  Entrar la llave appropriada encryption en el archivo de especificaciones de archivo para cada base de datos instance del archivo que usted desea encrypt o assign cada instance de la base de datos de su archivo para un grupo de FMS para cual usted debe fijado una llave de encryption.
  Crear cada base de datos instance para su archivo.
  How to Encrypt an Existing File
-<
<
+The following steps should be followed to encrypt an existing APPXIO file: 
 If APPXIO file encryption has not already been enabled on your system, first follow the steps for enabling APPXIO file encryption.
  Export the file that is to be encrypted. If the file has been created in more than one database, you must export each instance of the file that is to be encrypted.
  Enter the appropriate encryption key in the file specifications for each database instance of the file that you wish to encrypt or assign each database instance of the file to an FMS group that has an encryption key.
  Import the file in each database. Be sure to specify the "Replace" option when importing each database instance the file.
->
>
+Los pasos seguintes necesitan ser seguidos para encrypt un archivo exitente APPXIO: 
 Si APPXIO file encryption no esta sendo enabled en su sistema, primero hay que seguir los pasos enabling APPXIO file encryption.
  Exportar el archivo que va ser encrypted. Si el archivo fue creado en mas de una base de datos, usted necesita export cada instance del archivo que va ser encrypted.
  Entrar la llave de encryption appropriada en los archivos de especificaciones para cada base de datos instance del archivo que usted desea encrypt o fijar cada base de datos instance del archivo para un grupo de FMS que tiene una llave de encryption.
  Import el archivo en cada base de datos. Estea cierto de especificar la opcion "Replace" cuando importando cada base de datos instance del archivo.
  How to Decrypt an Encrypted File
-<
<
+ Use the Export herramienta in Database Management to export the encrypted file that is to be decrypted. If the encrypted file exists in more than one database, you must export each instance of the encrypted file that is to be decrypted.
  Remove the encryption key in the file specifications for each database instance of the file that you wish to decrypt. If the file is assigned to a FMS group that has an encryption key, then you must remove the file from the FMS group or remove the encryption key from the FMS group. If you need to remove the encryption key from an FMS group, make sure that you exported all of the files that are assigned to the FMS group in step 1 above.
  Import each database instance of the file. Be sure to specify the "Replace" option when importing each database instance the file.
->
>
+ Use la herramienta de Export en Database Management para exportar archivos encrypted que van ser decrypted. Si los archivos encrypted existen en mas de una base de datos, usted debe export cada instance de archivos encrypted que va ser decrypted.
  Remover encryption key en especificaciones de archivo para cada base de datos instance del archivo usted desea decrypt. Si su archivo es assigned un grupo FMS que tiene una llave de encryption, entonces usted necesita remover el archivo del grupo de FMS o remover la llave de encryption del grupo de FMS. Si usted desea remover las llaves de encryption del grupo FMS, estea cierto que usted exported todos los archivos que fueron assigned para el grupo FMS en el paso 1 arriva.
  Import cada base de datos instance del archivo. Estea cierto para especificar la opcion "Replace" cuando importando cada base de datos instance del archivo.
  Sharing of Encrypted Files
-<
<
+Encrypted files may be shared and successfully accessed by two or more APPX systems provided the following conditions are all satisfied: 
 The system Encryption Passphrases are the same on all systems.
  The file encryption keys are the same on all systems.
  The systems are all registered to the same APPX customer.
->
>
+Archivos Encrypted pueden ser compartidos y accessada con exito por dos o mas sistemas de APPX con tanto qeu las condiciones abajo estean satisfechas. 
 System Encryption Passphrases son las mismas en todos los sistemas.
  File encryption keys son las mismas en todos los sistemas.
  Todos los sistemas estan registrados para el mismo cliente APPX.
-<
<
+If you have more than one APPX system and you do not want to be able to share encrypted files between the systems, then you should use different system Encryption Passphrases and different file encryption keys.
->
>
+Si usted tiene mas de un sistema de APPX y usted no desea compartir archivos encrypted entre los sistemas, entonces usted necesita usar sistemas diferentes de Encryption Passphrases y diferente file encryption keys.
  Recovery of Corrupted Encrypted Files
-<
<
+Encrypted files which have become corrupted may be recovered by using the "recover" option of the APPX herramienta engine. The recovery process for encrypted files is the same as the recovery process for non-encrypted files. For additional information on the use of the recover option, you can run:
appx -recover
->
>
+Encrypted files que se tornan corrupted pueden ser recuperados usando la opcion "recover" de la heeramienta APPX. El proceso de recuperacion para archivos encrypted es el mismo proceso de recovery para archivos que no son encrypted. Para informacion adicional en como usar la opcion recover, usted puede ejecutar: appx -recover
  Recovery of Undecipherable Encrypted Files
-<
<
+You should keep a record of the system Encryption Passphrase and the Encryption Keys that have been entered in a secure location that can be accessed in the event that you need to reenter the information. Once entered, the Encryption Passphrase and the Encryption Keys should not be needed again unless you find yourself in a situation where your System Administration files have become corrupted or lost and you cannot restore them from a backup. You might also need this information to set up an additional APPX server that needs to be able to access encrypted data files that were created on another APPX server. You will not be able to access your encrypted data files unless you are able to reenter the exact System Passphrase and the exact Encryption Keys that were used to create and process the encrypted data files.
->
>
+Usted necesita mantener un registro de la Encryption Passphrase yEncryption Keys que usted utilizo en un local seguro que usted puede tener aceso en un evento que usted necesita re-llenar esa informacion.Una vez que usted uso esta informacion , Encryption Passphrase y Encryption Keys no van ser necesarias a menos que usted tenga una situacion donde System Administration files estean corrupted o perdidos o usted no puede restorar de un backup. Usted puede tambien necesitar esta informacion para set up an additional APPX server que necesita acessar datos encrypted que fueron creados en otro servidor de APPX. Usted no puede acesar sus datos encrypted data files a menos que usted use el mismo System Passphrase y las llaves exactas de Encryption que usted uso cuando creo en el proceso de encrypted data files.
-<
<
+In the unlikely event that you to find yourself in the situation where your encrypted files cannot be accessed because you are unable to correctly enter the necessary System Passphrase and Encryption Keys, you should contact APPX Software, Inc. for assistance with recovering the encrypted data.
->
>
+En el caso que usted no pueda acesar los datos encrypted porque usted no puede acesar System Passphrase y Encryption Keys, usted debe contactar APPX Software, Inc. para apoyo en recover de los datos encrypted.
  Application Design Considerations
-<
<
+When an encrypted file is being opened, the APPX File Manager verifies that the system Encryption Passphrase and the encryption key that were used to create the file match the current system Encryption Passphrase and the current encryption key for the file. If they do not match, the file open will fail. The system File Status field is also set to "FI_CRYPT" indicating that the open failed because of an encryption mismatch.
->
>
+Cuando los archivos encrypted se estan sendo abiertos, el APPX File Manager verifica que el System Encryption Passphrase y llave de encryption que fueron usadas para crear de archivo igual al actual system Encryption Passphrase y la llave actual de encryption para el archivo. Si ellos no son iguales, el abrir archivo va fallar. System File Status campo es fijado para "FI_CRYPT" indicando que el archivo fallo porque hay un erro en encryption.
  Limitations:
-<
<
+ One-record APPXIO files cannot be encrypted.
  Fixed length consecutive APPXIO files cannot be encrypted. Variable length consecutive APPXIO files may be encrypted.
->
>
+ Archivos One-record APPXIO no pueden ser encrypted.
  Archivod de Fixed length consecutivos APPXIO no pueden ser encrypted. Archivos Variable length consecutivos APPXIO pueden ser encrypted.
  Enhancement Suggestions: 
 
 If data is encrypted, a warning should be presented to the user prior to generating a new encryption key, or changing the System Parameter Pass Phrase. This could help prevent unintended data loss.
  When importing data into an newly encrypted state, we should either delete the PORTDATA or warn the user that the PORTDATA is unencrypted.

Revision 22010-03-17 - RayPelegrino

 			 META TOPICPARENT 
			 name="APPX500FeaturesEs" 
		
 APPXIO Data Encryption
- META TOPICPARENT
+ name="APPX500FeaturesEs"
-<
<
+Effective with Release 5.0.0, the APPX Utility includes an option to encrypt APPXIO data files.
->
>
+Efectivamento con la version 5.0.0, la herramienta de APPX incluye una opcion para encryption en los archivos de datos APPXIO
   APPXIO Data Encryption 
  Descripción
   Como Enable APPXIO File Encryption 
  How to Set or Change the System Encryption Passphrase
   Enter/Edit File Encryption Keys
   Enter/Edit FMS Group Encryption Keys
   How to Create A New Encrypted File
   How to Encrypt an Existing File
 
   How to Decrypt an Encrypted File
   Sharing of Encrypted Files
   Recovery of Corrupted Encrypted Files
   Recovery of Undecipherable Encrypted Files
   Application Design Considerations
   Limitations:
   Enhancement Suggestions:
   Comments:
-<
<
+ Overview
->
>
+ Descripción
-<
<
+Release 5.0.0 or higher of the APPX Utility allows APPXIO data files to be optionally encrypted. Encrypted data files provide an added layer of security for sensitive data. If an encrypted file is opened by any program other than APPX, the encrypted data is unintelligible. This means that backup copies of encrypted files on tape or disk are also secure since they cannot be deciphered without the appropriate software and encryption keys. If an encrypted data file is moved to another APPX server, it cannot be deciphered unless the APPX server is configured with the appropriate encryption keys and meets other necessary criteria.
->
>
+Version 5.0.0 o mas alta de la of the APPX herramienta permite a los archivos de APPXIO una opcion de encryption. Los archivos encrypted proveen una camada de securidad para datos importantes. Si un archivo es abierto por un programa que nos sea APPX, los datos no var ser incomprensibles. Eso significa que las copias de backup encripted tambien son seguros una vez que no se puede decifrar sin el software apropriado y llave de encryption. Si un archivo con datos encrypted se move a otro servidor, no se puede decifralos sin una configuracion de servidor con las llaves de encryption y tambien tiene los otros criterios necesarios.
-<
<
+ How to Enable APPXIO File Encryption
->
>
+ Como Enable APPXIO File Encryption
-<
<
+The APPXIO file encryption feature is easily enabled by entering a passphrase into the Encryption Passphrase field of the System Parameter Record in APPX System Administration.
->
>
+APPXIO file encryption es facil de enable en entering a passphrase el campo de Passphrase Encryption en el System Parameter Record en APPX System Administration.
-<
<
+Setting the system Encryption Passphrase "enables" the APPXIO file encryption feature but does not actually cause any files to be encrypted. To "enable" encryption of individual files, you must also enter an encryption key into the file specifications for each of the individual files that are to be encrypted or you must enter an encryption key into the FMS group specifications for each group of files that are to be encrypted. However, if any existing files are to be encrypted, they must be exported before you enter any encryption keys.
->
>
+Podemos poner en sistema Encryption Passphrase "enables" en APPXIO file encryption feature pero eso no hace los archivos a ser encrypted. Para "enable" encryption de archivos indidualess, usted debe entrar con una llave de encrytion key en especificaciones de archivo para los archivos individuales o usted debe entrar una llave de encription en el grupo de especificaciones de FMS para cada grupo o archivo que se var ser encripted. Sin embargo, si hay un archivo existente para ser encrypted, ellos deben ser exported antes que usted agrega los archivos de encryption.
-<
<
+After entering a system Encryption Passphrase, exporting any existing files that are to be encrypted, and entering the appropriate encryption key(s), you must create any new files that are to be encrypted and, if encrypting any existing files, you must import them with the "Replace" option.
->
>
+Despues de entrar una passprhrase encription en el sistema, exportar archivos existentes que se van ser encrypted, y entrar las llaves apropriadas de encryption, usted necesita crear un nuevo archivo que se va ser encrypted y, si hay archivos existentes encrypted, usted necesita importar ellos con la opcion "Replace".
-<
<
+So, the basic steps required to enable encryption of APPXIO data files are: 
 Enter a system Encryption Passphrase
  Export any existing files that are to be encrypted
  Enter the appropriate encryption keys for individual files and FMS groups as appropriate
  Create any new files and import any existing files that are to be encrypted
->
>
+Entonces, los pasos basicos para enable encryption de los archivos APPXIO son: 
 Entrar con un Encryption Passphrase en su sistema
  Export archivos existentes que se van ser encrypted
  Entrar las llaves de encryption para los archivos individuales y grupos FMS
  Crear cualquier nuevos archivos y importar cualquier archivo existente que se var ser encrypted
  How to Set or Change the System Encryption Passphrase
 If no data files have actually been encrypted, the system Encryption Passphrase may be safely changed. However, if any data files have been encrypted, you must follow the steps outlined below to change the system Encryption Passphrase. If you do not follow these steps, any previously encrypted data files will no longer be accessible by the system.
 

 Make sure that no users are accessing the system Do not attempt to change the system Encryption Passphrase while other users are accessing the system.
-<
<
+ Export all of the encrypted APPXIO data files in all APPX databases. The Export utility on the Database Management menu should be used to export the encrypted APPXIO data files.
->
>
+ Export all of the encrypted APPXIO data files in all APPX databases. The Export herramienta on the Database Management menu should be used to export the encrypted APPXIO data files.
  Use the System Parameters maintenance process in System Administration to change the system Encryption Passphrase. The Set/Change Passphrase screen includes a report that can be run to obtain a list of all FMS groups and files which have been encrypted. Use this list to verify that you have exported all of the encrypted files.
  Change all of the encryption keys that have been entered for individual files and for FMS groups in all databases.
  Import all of the APPXIO data files in all APPX databases that you exported in step 2. Be sure to specify the "Replace" option for the data import.
  Enter the appropriate encryption key in the file specifications for each database instance of the file that you wish to encrypt or assign each database instance of the file to an FMS group that has an encryption key.
  Import the file in each database. Be sure to specify the "Replace" option when importing each database instance the file.
 
 How to Decrypt an Encrypted File
-<
<
+ Use the Export utility in Database Management to export the encrypted file that is to be decrypted. If the encrypted file exists in more than one database, you must export each instance of the encrypted file that is to be decrypted.
->
>
+ Use the Export herramienta in Database Management to export the encrypted file that is to be decrypted. If the encrypted file exists in more than one database, you must export each instance of the encrypted file that is to be decrypted.
  Remove the encryption key in the file specifications for each database instance of the file that you wish to decrypt. If the file is assigned to a FMS group that has an encryption key, then you must remove the file from the FMS group or remove the encryption key from the FMS group. If you need to remove the encryption key from an FMS group, make sure that you exported all of the files that are assigned to the FMS group in step 1 above.
  Import each database instance of the file. Be sure to specify the "Replace" option when importing each database instance the file.
 
 Sharing of Encrypted Files
 If you have more than one APPX system and you do not want to be able to share encrypted files between the systems, then you should use different system Encryption Passphrases and different file encryption keys.
 Recovery of Corrupted Encrypted Files
-<
<
+Encrypted files which have become corrupted may be recovered by using the "recover" option of the APPX Utility engine. The recovery process for encrypted files is the same as the recovery process for non-encrypted files. For additional information on the use of the recover option, you can run:
->
>
+Encrypted files which have become corrupted may be recovered by using the "recover" option of the APPX herramienta engine. The recovery process for encrypted files is the same as the recovery process for non-encrypted files. For additional information on the use of the recover option, you can run:
 appx -recover

 Recovery of Undecipherable Encrypted Files

Revision 12010-01-27 - RayPelegrino

Line: 1 to 1

Added:

>
>

META TOPICPARENT	name="APPX500FeaturesEs"

APPXIO Data Encryption

Effective with Release 5.0.0, the APPX Utility includes an option to encrypt APPXIO data files.

APPXIO Data Encryption

Overview

Release 5.0.0 or higher of the APPX Utility allows APPXIO data files to be optionally encrypted. Encrypted data files provide an added layer of security for sensitive data. If an encrypted file is opened by any program other than APPX, the encrypted data is unintelligible. This means that backup copies of encrypted files on tape or disk are also secure since they cannot be deciphered without the appropriate software and encryption keys. If an encrypted data file is moved to another APPX server, it cannot be deciphered unless the APPX server is configured with the appropriate encryption keys and meets other necessary criteria.

How to Enable APPXIO File Encryption

The APPXIO file encryption feature is easily enabled by entering a passphrase into the Encryption Passphrase field of the System Parameter Record in APPX System Administration.

Setting the system Encryption Passphrase "enables" the APPXIO file encryption feature but does not actually cause any files to be encrypted. To "enable" encryption of individual files, you must also enter an encryption key into the file specifications for each of the individual files that are to be encrypted or you must enter an encryption key into the FMS group specifications for each group of files that are to be encrypted. However, if any existing files are to be encrypted, they must be exported before you enter any encryption keys.

After entering a system Encryption Passphrase, exporting any existing files that are to be encrypted, and entering the appropriate encryption key(s), you must create any new files that are to be encrypted and, if encrypting any existing files, you must import them with the "Replace" option.

So, the basic steps required to enable encryption of APPXIO data files are:

Enter a system Encryption Passphrase
Export any existing files that are to be encrypted
Enter the appropriate encryption keys for individual files and FMS groups as appropriate
Create any new files and import any existing files that are to be encrypted

How to Set or Change the System Encryption Passphrase

The system Encryption Passphrase can be set or changed from the System Parameter maintenance screen:

System Administration --> System Setup --> System Parameters

SystemParameters5.0.0.PNG

To set the system Encryption Passphrase, you must click on the "Change" button next to the Encryption Passphrase field. You will then be presented with the following form which will allow you to set the system Encryption Passphrase.

Set-ChangePassphrase5.0.0.PNG

If no data files have actually been encrypted, the system Encryption Passphrase may be safely changed. However, if any data files have been encrypted, you must follow the steps outlined below to change the system Encryption Passphrase. If you do not follow these steps, any previously encrypted data files will no longer be accessible by the system.

Make sure that no users are accessing the system Do not attempt to change the system Encryption Passphrase while other users are accessing the system.
Export all of the encrypted APPXIO data files in all APPX databases. The Export utility on the Database Management menu should be used to export the encrypted APPXIO data files.
Use the System Parameters maintenance process in System Administration to change the system Encryption Passphrase. The Set/Change Passphrase screen includes a report that can be run to obtain a list of all FMS groups and files which have been encrypted. Use this list to verify that you have exported all of the encrypted files.
Change all of the encryption keys that have been entered for individual files and for FMS groups in all databases.
Import all of the APPXIO data files in all APPX databases that you exported in step 2. Be sure to specify the "Replace" option for the data import.

Enter/Edit File Encryption Keys

The encryption key for a specific database instance of a file can be set or changed in Database Management.

Database Management --> File Specifications --> File Attributes

The same encryption key value can be entered for each file or each file can have its own unique encryption key. An easy way to ensure that each file has a unique encryption key is to use the Random Key button to automatically generate a random key for the file. If you choose to enter an encryption key, you should choose "strong" key values just as you would for a password. This means that your key should not be a common name or word, should include a mixture of letters, numbers, and special characters, and should be more than a few characters in length.

Enter/Edit FMS Group Encryption Keys

The encryption key for a FMS group is entered in System Administration.

System Administration --> Configuration --> File System Groups --> FMS Group Attributes

The same encryption key value can be entered for each FMS Group or each FMS Group can have its own unique encryption key. An easy way to ensure that each FMS Group has a unique encryption key is to use the Random Key button to automatically generate a random key for the FMS Group. If you choose to enter an encryption key, you should choose "strong" key values just as you would for a password. This means that your key should not be a common name or word, should include a mixture of letters, numbers, and special characters, and should be more than a few characters in length.

How to Create A New Encrypted File

The following steps should be followed to encrypt a new APPXIO file.

If APPXIO file encryption has not already been enabled on your system, first follow the steps for enabling APPXIO file encryption.
Add the new file definition to the data dictionary in your APPX Application.
Enter the appropriate encryption key in the file specifications for each database instance of the file that you wish to encrypt or assign each database instance of the file to an FMS group for which you have entered an encryption key.
Create each database instance of the file.

How to Encrypt an Existing File

The following steps should be followed to encrypt an existing APPXIO file:

If APPXIO file encryption has not already been enabled on your system, first follow the steps for enabling APPXIO file encryption.
Export the file that is to be encrypted. If the file has been created in more than one database, you must export each instance of the file that is to be encrypted.
Enter the appropriate encryption key in the file specifications for each database instance of the file that you wish to encrypt or assign each database instance of the file to an FMS group that has an encryption key.
Import the file in each database. Be sure to specify the "Replace" option when importing each database instance the file.

How to Decrypt an Encrypted File

Use the Export utility in Database Management to export the encrypted file that is to be decrypted. If the encrypted file exists in more than one database, you must export each instance of the encrypted file that is to be decrypted.
Remove the encryption key in the file specifications for each database instance of the file that you wish to decrypt. If the file is assigned to a FMS group that has an encryption key, then you must remove the file from the FMS group or remove the encryption key from the FMS group. If you need to remove the encryption key from an FMS group, make sure that you exported all of the files that are assigned to the FMS group in step 1 above.
Import each database instance of the file. Be sure to specify the "Replace" option when importing each database instance the file.

Sharing of Encrypted Files

Encrypted files may be shared and successfully accessed by two or more APPX systems provided the following conditions are all satisfied:

The system Encryption Passphrases are the same on all systems.
The file encryption keys are the same on all systems.
The systems are all registered to the same APPX customer.

If you have more than one APPX system and you do not want to be able to share encrypted files between the systems, then you should use different system Encryption Passphrases and different file encryption keys.

Recovery of Corrupted Encrypted Files

Encrypted files which have become corrupted may be recovered by using the "recover" option of the APPX Utility engine. The recovery process for encrypted files is the same as the recovery process for non-encrypted files. For additional information on the use of the recover option, you can run:

appx -recover

Recovery of Undecipherable Encrypted Files

You should keep a record of the system Encryption Passphrase and the Encryption Keys that have been entered in a secure location that can be accessed in the event that you need to reenter the information. Once entered, the Encryption Passphrase and the Encryption Keys should not be needed again unless you find yourself in a situation where your System Administration files have become corrupted or lost and you cannot restore them from a backup. You might also need this information to set up an additional APPX server that needs to be able to access encrypted data files that were created on another APPX server. You will not be able to access your encrypted data files unless you are able to reenter the exact System Passphrase and the exact Encryption Keys that were used to create and process the encrypted data files.

In the unlikely event that you to find yourself in the situation where your encrypted files cannot be accessed because you are unable to correctly enter the necessary System Passphrase and Encryption Keys, you should contact APPX Software, Inc. for assistance with recovering the encrypted data.

Application Design Considerations

When an encrypted file is being opened, the APPX File Manager verifies that the system Encryption Passphrase and the encryption key that were used to create the file match the current system Encryption Passphrase and the current encryption key for the file. If they do not match, the file open will fail. The system File Status field is also set to "FI_CRYPT" indicating that the open failed because of an encryption mismatch.

Limitations:

One-record APPXIO files cannot be encrypted.
Fixed length consecutive APPXIO files cannot be encrypted. Variable length consecutive APPXIO files may be encrypted.

Enhancement Suggestions:

If data is encrypted, a warning should be presented to the user prior to generating a new encryption key, or changing the System Parameter Pass Phrase. This could help prevent unintended data loss.
When importing data into an newly encrypted state, we should either delete the PORTDATA or warn the user that the PORTDATA is unencrypted.
When exported from an encrypted state to an unencrypted state, we should warn the user that the exported data is unencrypted.

Comments:

Read what other users have said about this page or add your own comments.

<--/commentPlugin-->

-- AlKalter - 04 Apr 2008

View topic | History: r3 < r2 < r1 | More topic actions...