16.2.3 Data File Encryption

Data Encryption ensures secure handling of files during Data Ingestion (EDD). It functions as a stand-alone file encryption utility that enables both encryption and decryption of data files. This feature allows you to work with encrypted files while maintaining control over when encryption or decryption is applied.

Encryption is optional and remains disabled by default. It becomes available only after an Administrator configures a valid encryption key.

Encryption applies to the entire file, not to individual columns. Currently, the system uses one active encryption key for all encryption and decryption activities.

Limitations of File Encryption

• AAI currently supports only a single encryption key; support for multiple keys is not available at this time.
• Decryption of previously encrypted files is not supported after a key change (no backward decryption capability).
• Archive files must be pre-encrypted; encryption is not performed during the archiving process.
• Encryption keys must follow a strict Base64 format (KEY:IV), which may limit flexibility and ease of use.
• File encryption is not supported for out-of-the-box ingest connectors.