Re: Triggers - READ

[Loyd Goodbar <loyd@xxxxxxxxxxxxxx>]

Just wondering... how would the read trigger know when to decrypt the fields
and when not? Who does the trigger program trust? Is this a regulatory thing
(HIPPA) or a trust issue?

The encryption is of no use against the programmer(s) who have access to the
source. If the files contain the right permissions/authorities, only those
users who need to have access already know the contents of the encrypted
fields.

What business problem would this solve?

(I'm not trying to be mean here but you piqued my curiosity.)

Loyd

On Mon, 22 Dec 2003 16:47:36 -0600, jlowary@xxxxxxxxxxxxx wrote:

>Does anyone know whether IBM is planning to make the Read trigger more 
>like the Insert, Update triggers?  (ie: that the data in the buffer can be 
>change before it is passed to the program)   I did some looking in the 
>Archives and could only find that any changes to the buffers are not 
>passed on to the program requesting the data.
>
>We have an application that we would like to encrypt data (field or two) 
>in to another file and store a pointer in the original file, then when the 
>record is read have a trigger get the encrypted data and decrypt it all or 
>part and pass on to the calling program via the file input buffer.  This 
>would save putting a log of duplicated, needless logic (except for the 
>decryption) in lots of programs.  Sure we could do some sort of service 
>program, or program to call (if not ILE), but the best approach would be 
>to have it passed into the existing programs via a read trigger.
>
>Just wondering if IBM has addressed this or made any statement about thier 
>direction on this?  I couldn't find anything more, other than the Nov 2001 
>Archives messages.
>
>Thanks!
>
>-- Jim Lowary

--  
Mediocrity: It takes a lot less time and most people won't notice
the difference until it's too late. <http://www.despair.com/>
loyd@xxxxxxxxxxxxxx  ICQ#504581  http://www.blackrobes.net/