|
>1. Is encryption (perhaps through an encryption key on >the file?) best through an algorithm, and should it be >a 400 based encryption algorithm or is it better to >have a call to a Java based algorithm? >2. Do such things exist on the 400, or should I follow >up on a Java based forum? I would first choose the encryption algorithm that I thought was suitable to attain the level of protection I need. Then I would check to see if the algorithm I chose is provided by OS/400 native (through the CIPHER MI instruction) and/or through Java. If available on both, it is really up to you. Since I am more of a "native guy" than a Java guy, I would argue that the native implementation has been used more extensively than the Java implementation, but this is just an opinion and I'm sure you'd find many folks that would argue the other side. Encryption is a double-edged sword. If you need to be able to decrypt something, then you always have the key management problem whether you use a symetric or asymetric algorithm. However, depending on the application you're looking at building you could just do an SSL connection from the front-end to the back-end. I assume the data doesn't need to be encrypted when stored on OS/400. Another approach, would be to use the GSS APIs. They have support to encrypt the messages that you send over the connection. You get the potentially added benefit of doing a JDBC program that used Kerberos for authentication rather than having to store and forward user ID/pwd for the backend system. GSS/Kerberos (aka Network Authentication Service) has a configuration parameter that allows you to choose from a number of encryption algorithms. On windows 2k, xp, you use the SSPI (they don't support the GSSAPI that all the other platforms do). Patrick Botz
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.