4.3 Encrypting Data Files

To minimize exposure of data or personal information to users with access to the server, Oracle clients can encrypt ingestion files using a simple encryption technique which requires a generic 16 digit encryption key, combination of numericals and alphabets, such as: AmritaP123456789

Standard "AES" key spec and transformation "AES/ECB/PKCS5Padding" are used for encryption and decryption. Client can encrypt files using these on their own.

To run data ingestion on encrypted files, follow these steps:

1. Encrypt the ingestion files by running encryptFileUtil.sh, as shown below: encryptFileUtil.sh <ALG_FILE_PWD> false <absolute_path_to_the_ingestion_files_you_want_to_encrypt>
   For example:

   encryptFileUtil.sh AmritaP123456789 false /scratch/ofsaaweb/BD806A/bdf/
   inbox/Account_20151209_DLY_01.dat

2. Update the BDF.Encryption.Password parameter in the bdf.xml file in <FIC_HOME>/config/ install path with the encryption key as shown below:

   <Parameter name="BDF.Encryption.Password" type="STRING"
   value="<Encryption Key>"/>

3. Update the BDF.Encryption.Enable parameter in the bdf.xml file in <FIC_HOME>/config/ install path with the encryption key as shown below:

   <Parameter name="BDF.Encryption.Enable" type="STRING"
   value="true"/>

4. Run execute.sh to invoke file ingestion.