Implementation in AMT

In AMT there are two methods of encryption available and two places where Data Encryption can be applied.

Encryption Methods

AMT supports the following two encryption methods:

• An AMT propriety encryption method used since Lion version 5.3. It is advised not to use this method of encryption anymore in new applications and or new encrypted database fields. It is merely supported to be able to use encrypted database fields in existing databases that still use this method of encryption.
• PCI dss encryption: A modern and strong method of encryption following the PCI Data Security Standard.

Old style Lion 5.3 encryption does not support the usage of Unicode characters.

What can be Encrypted

AMT supports both the encryption of table fields in application databases and the encryption of form fields in the communication between the Application Server and the Windows Thin Client AMT Screens or the IIS Server of the AMT Application Center.

• Table Fields: Table fields in the application database can be encrypted. Only the encryption of Alpha Numeric fields is supported. When Numerics need to be encrypted, first convert them to an Alpha Numeric and then store them in a encrypted database field. When a Table field is encrypted the data in the field will be stored encrypted in the database. Encryption and Decryption of the data will only take place in the Application Server and/or in running Reports, thus making also the communication between the Application Server/running Report and the Database Server secure.
• Form Fields: When Form fields are encrypted the communication between the Application Server and the Windows Thin Client AMT Screens will be secure. Also the communication between the Application Server and the IIS Server running the Application Center web interface will be secure.

Encrypting Table Fields that are used as Keys in Indexes is not allowed and will result in an error when validating or generating the application.

Be aware that when using an encrypted form field the communication between the IIS Server and the application server is encrypted for that field, but the communication between the browser and the IIS Server will only be encrypted if the Internet Information Server is set to use secure http (https).