Page 12
2.8 Reorganizing open files
Previously, it was only possible to reorganize closed files in
pubsets or volumes with SPACEOPT.
As of SPACEOPT V3.0, open files can also be included when reor-
ganizing pubsets and reducing file extents.
Please consult the Release Notice SYSFGM.SPACEOPT.030.E for the
complete scope of the innovations.
2.9 Tape blocks > 32 KB
Block sizes ranging from 32 KB to 256 KB are supported for tape
I/O with the BTAM access method for record formats V and U, to
allow high-performance backups to be made.
The new block size is specified at the TPR-FCB program interface.
The function is only available in TPR and for users with the TSOS
*1 or HSMS-ADMINISTRATION privilege.
Large tape blocks are supported by the products ARCHIVE V7.0B,
FDDRL V15.0 and PERCON V2.8
2.10 File encryption
Data encryption fulfills the requirements for the security of
critical data, such as protection against physical reading from
the disk, protection against unauthorized reading, also with TSOS
special rights, protection against unauthorized usage of backup
tapes or monitoring the data contents with file transfer connec-
tions.
The files are stored on the disk in encrypted form and decrypted
in blocks for an authorized access in the system/server. The
files are taken over encrypted into backups or during file trans-
fers.
Two special commands have been introduced for encrypting and de-
crypting a file. An eight character crypto password is defined
for each file that is to be encrypted/decrypted. The key for en-
cryption/decryption is then derived from this during access.
ENCRYPT-FILE: converts a normal file into an encrypted file
DECRYPT-FILE: converts an encrypted file into a normal file
Working with encrypted files and the crypto password is similar
to working with ID-protected files and the file password. The
crypto password is registered as an access right with the command
ADD-CRYPTO-PASSWORD. This registration is valid for the current
task. The access right can be removed again with the command
REMOVE-CRYPTO-PASSWORD.
*1 The openCrypt-Serv 1.2 subsystem with a corresponding Crypto Box
*1 is required for file encryption on S servers.
*1 openCRYPT-SOFT 1.2 in conjunction with X2000 as of V3.0A are
*1 required for encryption on the SX100-C and SX150 servers.
*1 An additional crypto CPU is required on SX150, whereas the
*1 encryption processes run on the X2000 CPU on SX100-C