December 31, 2011
c-treeACE Tip: Encrypt Your Existing Data
Note: c-treeACE became FairCom DB in October 2020.
Data is the livelihood of your business. In the treacherous on-line environments of today, protecting that data has never been a more paramount concern, and in some cases a mandated requirement. c‑treeACE Advanced Encryption is there to secure your data. c‑treeACE supports AES (Rindael), Twofish, Blowfish, DES and triple DES algorithms.
Encrypting c‑treeACE files is easy and only requires that the server has Advanced Encryption enabled at startup. The ADVANCED_ENCRYPTION YES keyword enables advanced encryption algorithms. A master password is then needed to start the server. Once this password is defined and the server is started with the master password in place, encryption is transparent to applications.
Data encryption is usually set at file create time. By enabling encryption before any file is created results in an encrypted file. Encrypting existing data is nearly as easy and only requires an additional step. A simple c‑treeACE file compact operation is all that is needed to create a new file from an existing one with.
The following sequence of steps creates and encrypted file from existing data:
- Call SetEncryption() with the desired encryption algorithm in the mod parameter.
- Call CompactIFileXtd8() to compact the file. Data in the newly created file will be encrypted.
- Call SetEncryption() with NULL in the mod parameter to disable encryption.
With c‑treeACE encryption is on a per file basis and you can choose different encryption options for different files. While 256 bit AES (AES32) provides the highest level of data protection, it can moderately impact performance. By mixing and matching appropriate levels of encryption for each file balanced with your performance needs, you can still create a secure high performance application.
Advanced Encryption is also available for your SQL created files. This is set at table create time as the following SQL statement demonstrates.
CREATE TABLE app_users(user_name VARCHAR(250), pwd CHAR(20) ) STORAGE_ATTRIBUTES 'ENCR=AES32';
c‑treeACE Advanced Encryption is easy to implement and provides extremely secure data protection. And, with a simple compact step, it is very easy to add Advanced Encryption to your existing data at any time.