Configuring PCI dss encryption

To configure one or more Applications to use the PCI dss encryption method the steps described in this page have to be taken.

Creating an Encryption Database

Before encryption can be set also an Encryption Database has to be created and added to the Database definitions in the Control Center. First create an empty database in the database server. Then add it to the database definitions in the Control Center in the page 'System Configuration -> Architecture -> tab Databases' with the 'Kind of database' set to Encryption database as in the example shown below. Finally perform an Encryption reorganization on the encryption database with the Reorganization program.

Generating the necessary keys

Next at least two keys need to be created. One key for Encryption Key Management and one actual Encryption Key. How to do this is explained in the page Generating Keys for Encryption.

Finally the encryption keys have to be made active. In the Control Center go to the page 'Security Configuration -> Encryption' and activate the edit mode by clicking 'Edit'.



Check the 'Use encryption' checkbox and click Apply. The AMT-COBOL is now correctly configured for the usage of PCI dss encryption.

Reorganize the Application Database

Finally perform a Reorganization of the Application Database by using the AmtReorganize.exe program situated in the ...\AmtTools\Reorganization folder. Empty databases will be reorganized directly to use the PCI dss encryption on the encrypted fields and in existent databases the unencrypted fields set to be encrypted will be converted in encrypted fields using the PCI dss encrypted.