You are currently on IBM Systems Media’s archival website. Click here to view our new website.

MAINFRAME > TRENDS > SECURITY

Tokenized Encryption: Batch Interface Call Parameters

batch call parameter
 

Mnemonic Values Indicating Function to be Performed

Standalone batch mnemonics are exclusively for standalone batch, thus unique to this article. For more detail on update and read-only mnemonics see last month’s article.

Standalone batch functions:

  1. OPN: Opens token file for random access by CALLing batch cryptographic interface (BTCHTKNF) to allocate as read-only. The interface opens file as INPUT; update operations aren’t possible except special cases because token file’s always open to CICS.
  2. OSN: Opens token file for sequential access by CALLing BTCHTKNF to allocate as read-only. The interface opens file as INPUT; update operations aren’t possible except special cases.
  3. CLS: Closes random-access token file using DD name TOKERND and opened using TOKEN-FILE SELECT statement in BTCHTKNF. TOKERND name must be used in CLOSE
  4. CSS: Closes sequential token file using DD name TOKESQL and opened using TOKEN-FILE SELECT statement in BTCHTKNF. TOKESQL name must be used in CLOSE

Update functions:

  1. TKC: Encrypts CC#, creates token, adds audit information and writes record to token file
  2. TOR: Performs TKC functions plus adds order number (ORD#) to token record and writes to file
  3. TCK: Encrypts concatenated bank routing and checking account numbers (CAD#), creates token, adds audit information and writes to file
  4. TRK: Performs TCK functions plus adds ORD# to token record and writes to file
  5. RCC: Changes encrypted CC# to new encrypted CC#, updates audit information and writes to file
  6. REC: Changes encrypted CAD# to new encrypted CC#, updates audit information and writes to file
  7. COR: Populates or overlays ORD# in existing token record, updates audit number and write to file
  8. Read-only functions:

  9. DCC: Randomly reads token file using token in PCI-CARDNUM-OR-TOKEN as key, decrypts CC# and is passed back to calling or LINKing program
  10. DCO: Randomly reads order file using ORD# in PCI-CARDNUM-OR-TOKEN, then randomly reads token file using token from order record. Encrypted CC# is decrypted and passed back to program.
  11. DCE: Randomly reads token file using token in PCI-CARDNUM-OR-TOKEN. Encrypted CAD# is decrypted and passed back to program.
  12. FSN: Randomly reads token file using token in PCI-CARDNUM-OR-TOKEN. First six and last four CC# digits—stored in cleartext—are returned to calling or LINKing program. No decryption needed.
  13. SIX: Randomly reads token file using token in PCI-CARDNUM-OR-TOKEN. First six CC# digits—stored in cleartext—are returned to calling or LINKing program. No decryption needed.
  14. FOR: Randomly reads token file using token in PCI-CARDNUM-OR-TOKEN as key. The last four CC# digits—stored in cleartext—are returned to calling or LINKing program. No decryption needed.
  15. EWT: Encrypts sensitive data for file transfer or other purposes. Encrypted data is passed to calling program but not stored. It’s a safe, PCI-compliant way to pass sensitive data between programs or networks.
  16. DWT: Decrypts encrypted CC# from file transfer or other sources. Decrypted CC# is passed to calling program but not stored. It’s a safe, PCI-compliant way to receive sensitive data between programs or networks.

Another Piece of the Pie

While online subsystems dominate the world, batch processing still plays a strong role in information processing. No cryptographic interface is complete without addressing this vital function; demonstrated by the dominance of file transfer in today’s networks. Batch functionality enables bulk processing and movement of classified, confidential or sensitive data, complements online processes and optimizes IT resource usage.

Jim Schesvold can be reached at jschesvold@mainframehelp.com.



Like what you just read? To receive technical tips and articles directly in your inbox twice per month, sign up for the EXTRA e-newsletter here.



Advertisement

Advertisement

2019 Solutions Edition

A Comprehensive Online Buyer's Guide to Solutions, Services and Education.

Application Integration With PCI

The problematic nature of PCI-compliance application integration makes research, analysis and planning important. It can also greatly simplify and reduce the effort involved.

IBM Systems Magazine Subscribe Box Read Now Link Subscribe Now Link iPad App Google Play Store
Mainframe News Sign Up Today! Past News Letters