Transparent Log Encryption

The FLAM Transparent Log Encryption Solution is based on the FLAM subsystem and allows, for example, in co-operation with our VSAM support and FKME for ICSF, PCIDSS-compliant encryption (and compression) of IMS log data sets for financial transactions on a mainframe. IMS-DC needs no adaptation or the like. Likewise, other logfiles, dumps, and similar data sets can be secured transparently for the applications.

 

Benefits

  • Transparent compressing and encrypting of log files in compliance with various security standards
  • Logs, dumps, traces, or similar data can be secured cryptographically with minimal effort
  • Shorter response times, less disk space, and improved security with minimal resource consumption
  • Separation of log generation and evaluation
 

 

The solution

  • Files are compressed and encrypted by the FLAM® subsystem during writing and decrypted and decompressed during reading.
  • Our access method makes it possible that during reads only the requested data records are returned and in that process just a small segment of the log file is decrypted and decompressed.
  • Through the VSAM supprt in FLAM® logs can be written securely while this remains transparent for IMS. But also particular transaction of the log can be re-read and executed.
  • Compression reduces the number of file I/Os to the application's benefit, since logging during reads and writes becomes significantly faster.
  • By the cryptographic protection, access to log contents, and hence their evaluation (the tools), can be controlled.
 

Unser Mehrwert

  • Encryption is done by CPACF and costs no CPU time. Key management can be done professionally via ICSF.
  • Support of all access methods to data records common on mainframes including the various VSAM file types.
  • Integration of compression and encryption as a subsystem into z/OS is only possible with FLAM®.
  • Resilient, error-free, high-quality software meeting professional standards - guaranteed 'Made in Germany‘.
 

Resolved Issues

0000665: Add function to map condition code in a message to FLUCUP
May 8, 2023
0000295: Element interface for original data
Apr 15, 2023
0000592: Support of round trip conversion and identity conversion as error handling for invalid characters
Apr 15, 2023
0000824: Extend table support for IMS/DB2 unload formats (more than one table format per file)
Apr 15, 2023
0000867: Add column encryption, tokenisation, anonymisation to table support
Apr 15, 2023
0001028: Support 64->31 bit interoperability for 64 bit java application using 31 bit FLAM MVS byte interface
Oct 28, 2022
0000783: Add match of regular expression to string converter
May 4, 2022
0000962: Limit the maximal internal block size to prevent memory exhausting through expansion at decompression
Mar 9, 2022
0000998: Support RACF keyrings for SSH keys
Jan 6, 2022
0001022: Check if XML before decoding in read.xml() to improve performance
Jan 6, 2022