« previous next »
Pages: [1]

Author Topic: Encrypt/tokenize CMOD Data on the fly.Possible?  (Read 2878 times)

Pk2016

  • Guest
Encrypt/tokenize CMOD Data on the fly.Possible?
« on: September 19, 2016, 07:57:55 AM »
Hello Experts, im not sure if this is possible but  Is there an option to encrypt/tokenize  CMOD  data on the fly.

There is this front end application(a different team) in our project housed in Cloud(a S3 bucket ) and want to connect to ondemand  to retrieve the docs(not sure how the latency  for the retrieval is going to be ). Apparently there is no encryption that is done in CMOD  while archiving.Now for the front end application to pull the docs, it has to be encrypted/tokenized due to PCI compliance  and only approach seems to be to do it on the fly.  Your thoughts ?


Logged

Justin Derrick

  • IBM Content Manager OnDemand Consultant
  • Administrator
  • Hero Member
  • *****
  • Posts: 2231
  • CMOD Guru for hire...
    • View Profile
    • Tenacious Consulting
Re: Encrypt/tokenize CMOD Data on the fly.Possible?
« Reply #1 on: September 19, 2016, 12:44:57 PM »
CMOD supports SSL.  Even the utilities are are SSL-aware.  You can query and do retrievals encrypted, but you likely won't be able to obsure / redact / tokenize without a LOT of work writing an output/preview exit.

-JD.
Logged
IBM CMOD Professional Services: http://TenaciousConsulting.com
Call:  +1-866-533-7742  or  eMail:  jd@justinderrick.com
IBM CMOD Wiki:  https://CMOD.wiki/
FREE IBM CMOD Education & Webinars:  https://CMOD.Training/

Interests: #AIX #Linux #Multiplatforms #DB2 #TSM #SP #Performance #Security #Audits #Customizing #Availability #HA #DR

ewirtz

  • Full Member
  • ***
  • Posts: 134
    • View Profile
Re: Encrypt/tokenize CMOD Data on the fly.Possible?
« Reply #2 on: September 20, 2016, 12:48:23 AM »
Hi PK2016,

it is possible but of course only with exit programming. please look for the PCI discussion in this forum.

regards

Egon
Logged

Alessandro Perucchi

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 1002
    • View Profile
Re: Encrypt/tokenize CMOD Data on the fly.Possible?
« Reply #3 on: September 21, 2016, 03:52:14 PM »
Another way, would be to have like a multi tier setup:

CMOD -> WebService (which get the document from CMOD and encrypt it) -> Send the encrypted document to the S3 Project team

That way, you can have a simple ODWEK interface on you side, and give the data in the way you want to the other party.
And they don't need to know CMOD, you just encapsulate everything in your API.
That way, you can use bulk retrieve or single retrieve.

The problem with the exit, is that you cannot do bulk retrieve, and this could be really tricky, but not impossible, since people already did that.
Logged
Alessandro Perucchi

#Install #Migrations #Conversion #Educate #Repair #Upgrade #Migrate #Enhance #Optimize #AIX #Linux #Multiplatforms #DB2 #Windows #Oracle #TSM #Tivoli #Performance #Audits #Customizing #Availability #HA #DR #JavaApi #ContentNavigator #ICN #WEBi #ODWEK #Services #PDF #AFP #XML

ewirtz

  • Full Member
  • ***
  • Posts: 134
    • View Profile
Re: Encrypt/tokenize CMOD Data on the fly.Possible?
« Reply #4 on: September 21, 2016, 10:35:47 PM »
Hi Alessandro,
you are right this is possible. Just an additional information. Only the credit card numbers must be stored encrypted. It depends of the requirements whether it helps to use the CMOD frontend. Depending on your rights you could see no document, a tokenized document or a document with unencrypted card numbers. This could be realized with the preview exit (using ICSF or open SSL depending on the platform).

regards
Egon
Logged

Pk2016

  • Guest
Re: Encrypt/tokenize CMOD Data on the fly.Possible?
« Reply #5 on: September 29, 2016, 11:26:11 AM »
thank you everyone . Ill take the inputs back to our team . At present i do not have experience on User exists . Will have to analyse what it is about. Thanks you again for your time and valuable inputs.

Logged
Pages: [1]
« previous next »