Kisco Systems

Kisco U

Encrypting database fields

Home : Kisco U : Encrypting database fields

Since V 7.1 IBM i includes built-in functionality to encrypt field level data without having to make application changes. The feature is the FIELDPROC exit point. This feature can actually be used to insert and logic into field level read/write events, but it has been successfully adapted to encrypt (mask) sensitive data.

USE CASE

  • mask sensitive data (customer identifiable, cc numbers, per regulatory req)
  • selective encryption is good for performance
  • not to encrypt/mask entire DB. Use SQL exit points to control DB access by verb (ie. Grant "UPDATE" while blocking "SELECT")

FIELDPROC Exit Point

  • Exit point "embedded" in SQL
  • Available since VR7.1
  • Used with SQL. You do not register exit programs as with traditional exit points.
  • Not specifically a security solution, but can be used as such
  • Insert logic at read/write DB events without making application changes

Workflow for masking senstive data

  1. write > encrypt
  2. data is encrypted in the db
  3. read > decrypt per logical rules (ie only some users can view unmasked data)

The data will reside in your database in an encrypted state. Therefore, if the data is accessde via alternate (non application based) methods such as ODBC, the query data returned with show encrypted data. Likewise if there is a breach, the data will not be accessible.

Considerations:

  • Do not lock yourself out of your data!
  • Key management is critical
  • DR replication must be carefully architected and tested

IBM documentation:

https://www.ibm.com/docs/en/i/7.5?topic=considerations-field-procedures