Portal | Manuals | References | Downloads | Info | Programs | JCLs | Master the Mainframes
IBM Mainframe Computers Forums Index
 
Register
 
IBM Mainframe Computers Forums Index Mainframe: Search IBM Mainframe Forum: FAQ Memberlist Usergroups Profile Log in to check your private messages Log in
 

 

Encrypt and Decrypt data in COBOL

 
Post new topic   Reply to topic    IBMMAINFRAMES.com Support Forums -> COBOL Programming
View previous topic :: :: View next topic  
Author Message
murugan_mf

Active User


Joined: 31 Jan 2008
Posts: 148
Location: Chennai, India

PostPosted: Tue Jul 10, 2012 1:50 pm    Post subject: Encrypt and Decrypt data in COBOL
Reply with quote

Hi All,
We have a task where we need to mask some account numbers in a
dataset. Actually we thought of writing a program to encrypt and
decrypt.
I wanted to know if is there any other way this can be done?

Soliciting thougths.
Back to top
View user's profile Send private message

Bill Woodger

DFSORT Moderator


Joined: 09 Mar 2011
Posts: 7223

PostPosted: Tue Jul 10, 2012 1:54 pm    Post subject:
Reply with quote

You want to encrypt? Or you want to garble so that live client data cannot reasonably be revealed?
Back to top
View user's profile Send private message
murugan_mf

Active User


Joined: 31 Jan 2008
Posts: 148
Location: Chennai, India

PostPosted: Tue Jul 10, 2012 2:14 pm    Post subject: Encrypt and Decrypt
Reply with quote

we Prefer to encrypt the data
Back to top
View user's profile Send private message
Bill Woodger

DFSORT Moderator


Joined: 09 Mar 2011
Posts: 7223

PostPosted: Tue Jul 10, 2012 2:21 pm    Post subject:
Reply with quote

Talk to your technical support to see what is available at your site.

If nothing already, your best bet would be to buy something in. Or allocate a lot of time/money to implement and test it yourselves.
Back to top
View user's profile Send private message
Robert Sample

Global Moderator


Joined: 06 Jun 2008
Posts: 7904
Location: Bellevue, IA

PostPosted: Tue Jul 10, 2012 2:34 pm    Post subject:
Reply with quote

If your goal is to meet PCI standards, your site needs to buy something to do the encryption. Implementing an acceptable (under PCI) encryption method is not a simple task.
Back to top
View user's profile Send private message
murugan_mf

Active User


Joined: 31 Jan 2008
Posts: 148
Location: Chennai, India

PostPosted: Tue Jul 10, 2012 2:52 pm    Post subject: Encrypt and Decrypt
Reply with quote

Thsi we are doing it internally and not required to met PCI standards.
Back to top
View user's profile Send private message
Bill Woodger

DFSORT Moderator


Joined: 09 Mar 2011
Posts: 7223

PostPosted: Tue Jul 10, 2012 2:54 pm    Post subject: Reply to: Encrypt and Decrypt
Reply with quote

If you use a very simple "encryption" it won't be very secure but won't cost as much in resources.

But really, why do you want to encrypt but not do it properly?
Back to top
View user's profile Send private message
murugan_mf

Active User


Joined: 31 Jan 2008
Posts: 148
Location: Chennai, India

PostPosted: Tue Jul 10, 2012 3:03 pm    Post subject: Encrypt and Decrypt
Reply with quote

We dont want to let users to see some confidential information and that is reason we planning to write a program to do that..but before we define our own rules to write a program, i am just want to know will this can be done in any other way.
Back to top
View user's profile Send private message
Bill Woodger

DFSORT Moderator


Joined: 09 Mar 2011
Posts: 7223

PostPosted: Tue Jul 10, 2012 3:06 pm    Post subject: Reply to: Encrypt and Decrypt
Reply with quote

Really? How are they getting to see the data? They have TSO/ISPF access?

Even so, why would you need the decrypt? For what you've said, either don't show it to them, or garble it.

Explain further, please.
Back to top
View user's profile Send private message
murugan_mf

Active User


Joined: 31 Jan 2008
Posts: 148
Location: Chennai, India

PostPosted: Tue Jul 10, 2012 3:29 pm    Post subject: Encrypt and Decrypt
Reply with quote

Yes, some users will have.
First of all we dont want to open up with all the available account numbers.
after analysing the data(only a/c no will be encrypted) and any discrepencies found with the record then they will come back to us asking the account number.
During that instance we need to decrypt the record alone and give back to them.
Back to top
View user's profile Send private message
Nic Clouston

Global Moderator


Joined: 10 May 2007
Posts: 1712
Location: UK

PostPosted: Tue Jul 10, 2012 4:57 pm    Post subject:
Reply with quote

If they are going to have acces anyway when they come across an anomolie why not just give them the access to start with and save all the hassle? Either they are authorised or they are not. If not then have the security software stop them from looking at the data. If you still want to mask the account numbers then look in the DFSort forum - someone was doing that the other month.
Back to top
View user's profile Send private message
Anuj Dhawan

Senior Member


Joined: 22 Apr 2006
Posts: 6258
Location: Mumbai, India

PostPosted: Tue Jul 10, 2012 6:43 pm    Post subject:
Reply with quote

It might sound rude but - before one attempts to do what you say, one need to understand the basic difference between encryption and garble-the-data. There are commercially available products that do field level encryption; use one of them to encrypt the data as you copy from one place to another -- commercial products are available in market, because this is a serious business and not done using some home grown utility. Having said that, I agree will Bill on this, as you talk about account numbers, garble-the-data is what you need.

Just my .02$...
Back to top
View user's profile Send private message
Jose Mateo

Active User


Joined: 29 Oct 2010
Posts: 110
Location: Puerto Rico

PostPosted: Tue Jul 10, 2012 7:57 pm    Post subject: Reply to: Encrypt and Decrypt
Reply with quote

Good day to all!

I have a solid background on Encryption/Decryption. First with ATM software and then with HSM (Hardware Security Module), I just finish implementing PCI standard at the bank where I work at. One thing I could tell you is that encryption/decryption is not a easy task first of all, if you decide to encrypt the account number then you need to modify all the programs that reference the account number plus the account number will not be displayable unless you decrypt it back to displayable format. IBM has callable encryption/decryption module which you could use. Now if you want to make it simple and just mask the account number using a masking table then all you will do is use the account digit as a subcript to the masking table replacing the account digit with the offset digit of the masking table. Now I will let you decide and think of the rest of the process. Good luck!!
Back to top
View user's profile Send private message
enrico-sorichetti

Global Moderator


Joined: 14 Mar 2007
Posts: 10201
Location: italy

PostPosted: Tue Jul 10, 2012 8:39 pm    Post subject: Reply to: Encrypt and Decrypt
Reply with quote

Quote:
We have a task where we need to mask some account numbers in a
dataset.


then all of it falls under PCI or similar compliancy,

even if You are not a financial institution, Your CEO and CIO are still responsible for the protection and access of <sensitive> data.

before worrying about the lowly technicalities better worry about the organizational and legal issues.
Back to top
View user's profile Send private message
murugan_mf

Active User


Joined: 31 Jan 2008
Posts: 148
Location: Chennai, India

PostPosted: Wed Jul 11, 2012 9:59 am    Post subject: Reply to: Encrypt and Decrypt
Reply with quote

Thank you all for your valuable comments.
Back to top
View user's profile Send private message
View previous topic :: :: View next topic  
Post new topic   Reply to topic    IBMMAINFRAMES.com Support Forums -> COBOL Programming All times are GMT + 6 Hours
Page 1 of 1

 

Search our Forum:

Similar Topics
Topic Author Forum Replies Posted
This topic is locked: you cannot edit posts or make replies. RANDOM Function in COBOL swapnil781 COBOL Programming 2 Tue Nov 15, 2016 6:17 pm
No new posts ODPP(Optim Data privacy Provider) Iss... Rama kishore IBM Tools 1 Mon Nov 07, 2016 5:46 pm
No new posts Regarding COBOL Stored Procedure opti... selvamsrinivasan85 DB2 4 Fri Nov 04, 2016 8:57 pm
No new posts COBOL Version 6.1 Virendra Shambharkar COBOL Programming 5 Tue Nov 01, 2016 11:24 am
No new posts Cobol list of programs being called biswajit.dattagupta COBOL Programming 5 Tue Nov 01, 2016 2:10 am


Facebook
Back to Top
 
Mainframe Wiki | Forum Rules | Bookmarks | Subscriptions | FAQ | Tutorials | Contact Us