Data Encryption Facility (DEF)®
Encryption: The best known method for protecting highly sensitive computer data.
Using NITS standards as the basic element of data encryption, ASI began extensive research and development on a comprehensive data encryption facility which was first released in 1987. After years of additional development and testing, ASI’s Data Encryption Facility DEF® now supports additional cryptology algorithms and provides for management of encryption keys. DEF supports IBM and plug-compatible CPU’s with the z/OS operating systems.
Major enhancements over version 2.1 include AES 128 encryption, Triple DES (3DES) and DESX encryption support. A Key Administration Facility as well as improved sample programs for application programmers will also be available as part of the bundled product line. The batch mode encryption facility may be purchased separately.
Today you can hardly pick up a newspaper or go online for news without reading about an incident involving a data breach. These breaches include all sorts of data; social security numbers, drivers license records, credit card numbers. The Privacy Rights Clearinghouse, a highly respected nonprofit consumer organization concluded that over 100 million records containing personal information have been involved in security breaches in less than a two year period 2005-2006. That is just what is known.
It is becoming widely recognized that one of the most important security tools to effectively protect data is strong encryption technology.
Applied Software’s Data Encryption Facility® (DEF) provides strong encryption using one of the two NIST
(National Institute of Standards and Technology) recommended symmetric key cryptology algorithms, Triple DES. Symmetric key algorithms (also known as secret key algorithms), such as Triple DES, transform data in a way that is fundamentally difficult to undo without knowledge of a secret key. The key is “symmetric” because whatever key is used to encrypt it is also used to decrypt data.
There are two methods, using DEF, to encrypt and decrypt data.
The first is to use a batch process where a DEF Batch program reads a file, encrypts or decrypts the data, and writes it back. The second method deals with online applications where DEF provides a set of callable subroutines where an application program essentially passes data to a callable DEF module which encrypts/decrypts the data and passes them back.
Protecting Encryption Keys
The proper management of cryptographic keys is essential to the effective use of cryptography for security.
Ultimately, the security of information protected by cryptography directly depends on the strength of the keys,
the effectiveness of mechanisms and protocols associated with keys, and the protection afforded to the keys.
The management of cryptographic keys includes their generation, use, and eventual destruction.
Applied Software’s Data Encryption Facility® (DEF) provides a symmetric Key Management component that follows the recommendations put forth by the NIST for symmetric keys. Keys can be generated and encrypted such that the original key is never visible, and can then be tracked through a key life cycle. The life cycle itself consists of five states; pre-active, active, deactivated, destroyed and compromised which can be policy-based driven.
Email Ron Turner or call 215-297-9441 for pricing or free 45 day trial.