FLUC-Subsystem

Our subsystems make all conversions (eg HOST FB dataset with EBCDIC strings and BCD numbers as PGP file with CSV format in UTF-8 read and write) of the FLUC transparent for applications. This can be used to extend standard applications (e.g., SAP) with encryption, compression, and conversion capabilities. On the host it is used mainly to make legacy applications fit for various new security standards (e.g., PCIDSS) or to write formats (e.g., XML or CSV) used in modern WEB applications. For example, customers use the subsystems so that decentralized SAP systems or the data warehouse can read CSV or XML files that physically reside on a host as a dataset. Conversely, host applications can be provided with fixed data structures that are physically delivered as compressed or encrypted XML files.

 

flucFS for Linux

 
Under Linux the implementation is based on FUSE (File system in user space). The FLUC subsystem is a normal executable, with which one can mount a directory. The mount point is the logical view of the data. This is assiociated to a physical directory where the encrypted, converted and/or compressed files are stored. Which files are to be converted is maintained via a configuration database (hidden file in physical directory). The management of this configuration can be done most easily with FLCC as shown in the screen dump below. flucFSconfig.png
 
Here you can define read or write specifications for arbitrary match strings (wildcards). Amongst other things, the Write configuration allows you to determine whether a file should be readable in the logical view (mountpoint) or not. The rights of the physical file can also be redefined when writing. Thus, unlike other file/folder encryptions, the solution is not fully transparent and the encrypted file (e.g., PGP file) is under your own control (End2End). All files not matching any match string can be setup to pass them through unchanged, so that a mount does not change anything at first, but only with an entry in the configuration database converted, compressed and / or encrypted physical files. For reading different views are supported. With Mount, you can provide a corresponding view, which allows you to set up different logical views of the same physical data for different parties to read. Among other things, when writing, it is also possible to specify several write/output specifications or I/O definitions, with which one can simultaneously send the data to a partner or place it in an archive for backup purposes.
 

FLUC-SUB for z/OS

 

On the HOST it is an I/O subsystem, which is provided via a started task and which can be allocated in the DD statement. Thus one can subject individual files during reading and writing to appropriate conversions, without the using application noticing. For example, it would be possible to extend a legacy application that writes an FB80 dataset to translate these fixed data structures from BCD numbers and EBCDIC strings into a CSV file in UTF-8, which is a GZIP file written by SSH to a UNIX system or read from there.

In both cases, all conversion options of the FLUC are available as CLP strings.

Resolved Issues

0000665: Add function to map condition code in a message to FLUCUP
May 8, 2023
0000295: Element interface for original data
Apr 15, 2023
0000592: Support of round trip conversion and identity conversion as error handling for invalid characters
Apr 15, 2023
0000824: Extend table support for IMS/DB2 unload formats (more than one table format per file)
Apr 15, 2023
0000867: Add column encryption, tokenisation, anonymisation to table support
Apr 15, 2023
0001028: Support 64->31 bit interoperability for 64 bit java application using 31 bit FLAM MVS byte interface
Oct 28, 2022
0000783: Add match of regular expression to string converter
May 4, 2022
0000962: Limit the maximal internal block size to prevent memory exhausting through expansion at decompression
Mar 9, 2022
0000998: Support RACF keyrings for SSH keys
Jan 6, 2022
0001022: Check if XML before decoding in read.xml() to improve performance
Jan 6, 2022