Encryption/Tokenization
General Definitions
Before running this option, you should ensure that the Encryption subsystem ZENCRPT is not active. See Work with Subsystems and End Real Time Encryption for further details. After you have finished using this option, re-activate the subsystem as described in Activation.
To set the Field Encryption general definitions:
-
Select 81. System Configuration in the Encryption main menu. The System Configuration menu appears.
| Encryption/Tokenization System Configuration 7/02/22 16:42:27 RLDEV Select one of the following: Encryption/Tokenization 1. General Definitions 2. View Type Decision Algorithm 3. API to set *CLEAR/*NOMASK 4. Enable Data Entry on Masked Fields 5. Date/Time Field Handling 9. Log Retention General 91. Language Support 99. Copyright Notice Selection ===> Release ID . . . . . . . . . . . . . . 01.67 22-02-01 788C500 41A EP10 2 Authorization code . . . . . . . . . . E02202676716 2 RLDEV F3=Exit F22=Enter Authorization Code |
-
Select 1. General Definitions in the System Configuration menu. The General Definitions screen appears.
| General Definitions 7/02/22 16:47:06 RLDEV Type options, press Enter. Log level . . . . . . . . . . . . . . 9 1=*STD, 9=*MAX Key manager system . . . . . . . . . RLDEV *LCL, Name Token manager system . . . . . . . . RLDEMO *LCL, Name Specified systems must be responsive to enable proper product behavior. . Command to display file content . . . RUNQRY *N &L/&F Enter a command structure using &F and &L (replaced by File and Library). JobQ for Encryption/Decryption . . . QBATCH Library . . . *LIBL Auto-activate Encryption . . . . . . Y N=No, Y=Yes F3=Exit F4=Prompt F12=Cancel |
Figure : General Definitions screen
|
Parameters |
Description |
|---|---|
|
Log level |
1=*STD – Record only basic encryption transactions 9=*MAX – Record all encryption transactions. |
|
Key manager system |
The system where the Key Manager will reside. *LCL = the current system Name = the name of the system The Key Manager can only be worked on from the system on which it is installed. Users who try to work on the Key Manager from another system will receive an error message. If the Key Manager is not on the *LCL system, then on the system where the Key Manager resides, you must define the system(s) where the Data Manager resides. See Supported Data Managers for more details. |
|
Token manager system |
The system where the Token Manager will reside. *LCL = the current system Name = the name of the system The Token Manager can only be worked on from the system on which it is installed. Users who try to work on the Token Manager from another system will receive an error message. If the Token Manager is not on the *LCL system, then on the system where the Key Manager resides, you must define the system(s) where the Data Manager resides. See Supported Data Managers for more details. |
|
Display file command |
The command that will be used when displaying files |
|
Jobq to send Encryption/Decryption. |
Default value is QBATCH in library *LIBL |
|
Enable Auto Activation of subsystem |
If the Encryption Subsystem is not activated when a file is read/written it is automatically activated to prevent a suspension of the activities. |
-
Enter your setup definitions and press Enter. You are returned to the System Configuration menu.
Log Retention
You can keep log file indefinitely on the system or you can choose to delete them after a specified period of time. You can also define a backup program to run immediately before deletion. The backup program stores the logs offline to allow for reports to be run against historical data. The system comes with a built in backup program, ENENCBKP. The backup program source is stored in file ENSOURCE in library SMZE.
To set the Field Encryption log retention definitions:
-
Select 81. System Configuration in the Encryption main menu. The System Configuration menu appears.
-
Select 9. Log retention in the System Configuration menu. The Log Retention screen appears.
| Log Retention 7/02/22 16:51:38 Type options, press Enter. Data retention period (days) . . 5 Days, 9999=*NOMAX Backup program for data . . . . . *NONE Name, *STD, *NONE Backup program library . . . . You may specify a backup program to run automatically before deleting old data. This program runs prior to automatic deletion of data whenever the retention period expires. The *STD program is SMZE/ENSOURCE ENENCBKP. F3=Exit F12=Cancel |
Figure : Log Retention screen
|
Parameters |
Description |
|---|---|
|
Data Retention period (days) |
The length of time (in days) to retain the log files. 9999=*NOMAX – the log files are never deleted. |
|
Backup program for data |
Name = The name of your in-house program that will save the logs before deletion. If you enter a name, you must also specify the library where the program is stored. *STD = Use the Raz-Lee provided backup program. *NONE = Do not backup log files before deleting them. |
|
Backup program library |
The library where the backup program is stored. |
-
Enter your setup definitions and press Enter . You are returned to the System Configuration menu.