- The internal ZENCRPT subsystem is automatically activated if Encrypt or Decrypt is requested and the SBS is not active.
- Exception groups, which control the format of the decrypted data as an addition to the standard “by user”, have been enhanced.
- Exception groups eliminated most of the changes required in user programs to implement usage of product APIs that control the format of decryption.
- For selected users the format changes based on (For completeness, the full explanation follows):
-
- The program that requests the decryption. i.e. Program that transmits CC transactions to clearance house will get “clear text”.
- The display file (DSPF) with or without the record format. i.e. Front desk will get “clear text” only on the screen for changing the CC.
- A user written exit program is called at real time to possible change to either “clear text” or ”masked”.
- Additional methods to handle performance issues were developed and tested.
- More mask options for numeric fields of variable length.
- Optional enablement of data entry on masked data
- Enable entry of data Option to Encrypted field handling:
- Dashboard can now show the status of fields from all files together.
- BLOB and CLOB fields of up to 2GB are supported.
- Collect Encryption PF Fields (
CLTENFLD
) – a new parameter was added: *LASTUSED
– the library that was last used. - On Activation (search for text:
Activate ZENCRPT subsystem
) a notification was added:ZENCRPT
is auto activated when needed. A minor delay may be noticed. - Option
81>1
was slightly changed. - Option
81>2
was added (explanation included in screen). - Option
21
Force Encryption Rotation was enhanced to include capability for scheduling it to run on a batch job. - The following was added to the Maintenance menu:
- Supporting Commands: 31 Duplicate Fields for Encryption 32 Change Authorization Groups 33 Encrypt/decrypt fields
These are commands that allow working by commands rather than by the regular entry screen.