IBM Mainframe Forum Index
 
Log In
 
IBM Mainframe Forum Index Mainframe: Search IBM Mainframe Forum: FAQ Register
 

Encrypt Db2 table


IBM Mainframe Forums -> DB2
Post new topic   Reply to topic
View previous topic :: View next topic  
Author Message
sun_job

New User


Joined: 18 Sep 2007
Posts: 73
Location: Bangalore

PostPosted: Sat Sep 06, 2014 3:08 pm
Reply with quote

Hi All,

Request all veterans help in the below case.

The requirement is to encrypt confidential data in the Db2 tables. The confidential would include:
PO Number
Customer
Amount

Just wanted to know , is there any JCL or process to do the same.

Can we encrypt a DB2 table directly? if not , how can i encrypt a table data after unloading the same to file.

Note: This is post has been moved from JCL section , since this is related to DB2 encryption
Back to top
View user's profile Send private message
enrico-sorichetti

Superior Member


Joined: 14 Mar 2007
Posts: 10872
Location: italy

PostPosted: Sat Sep 06, 2014 3:31 pm
Reply with quote

seems that You did not care to try to understand the replies You got on the same query posted to the section ...

here is an excerpt from the relevant IBM manuals


Quote:
Encrypting your data through DB2 built-in functions
DB2® provides built-in data encryption and decryption functions that you can use to encrypt sensitive data, such as credit card numbers and medical record numbers.

You can encrypt data at the column or value level. You must install the Integrated Cryptographic Service Facility to use the built-in functions for data encryption.

When you use data encryption, DB2 requires the correct password to retrieve the data in a decrypted format. If an incorrect password is provided, DB2 does not decrypt the data.

The ENCRYPT keyword encrypts data. The DECRYPT_BIT, DECRYPT_CHAR, and DECRYPT_DB keywords decrypt data. These functions work like other built-in functions. To use these functions on data, the column that holds the data must be properly defined.

Built-in encryption functions work for data that is stored within DB2 subsystem and is retrieved from within that same DB2 subsystem. The encryption functions do not work for data that is passed into and out of a DB2 subsystem. This task is handled by DRDA® data encryption, and it is separate from built-in data encryption functions.

Attention: DB2 cannot decrypt data without the encryption password, and DB2 does not store encryption passwords in an accessible format. If you forget the encryption password, you cannot decrypt the data, and the data might become unusable.

Defining columns for encrypted data
When data is encrypted, it is stored as a binary data string. Therefore, encrypted data should be stored in columns that are defined as VARCHAR FOR BIT DATA.
Defining column-level encryption
For column-level encryption, all encrypted values in a column are encrypted with the same password.
Defining value-level encryption
When you use value-level encryption, each value in a given column can be encrypted with a different password. You set the password for each value by using the ENCRYPT keyword with the password.
Using predicates for encrypted data
When data is encrypted, only = and <> predicates provide accurate results. Predicates such as >, <, and LIKE return inaccurate results for encrypted data.
Optimizing performance of encrypted data
Encryption typically degrades the performance of most SQL statements. Decryption requires extra processing, and encrypted data requires more space in DB2.


data encryption as I already said before is MUCH MORE than simple database function call
Back to top
View user's profile Send private message
sun_job

New User


Joined: 18 Sep 2007
Posts: 73
Location: Bangalore

PostPosted: Sun Sep 07, 2014 2:04 pm
Reply with quote

Thanks a lot,will check the same
Back to top
View user's profile Send private message
View previous topic :: :: View next topic  
Post new topic   Reply to topic View Bookmarks
All times are GMT + 6 Hours
Forum Index -> DB2

 


Similar Topics
Topic Forum Replies
No new posts Load new table with Old unload - DB2 DB2 6
No new posts Pulling a fixed number of records fro... DB2 2
No new posts Multiple table unload using INZUTILB DB2 2
No new posts Check data with Exception Table DB2 0
No new posts Dynamically pass table name to a sele... DB2 2
Search our Forums:

Back to Top