I hear you have options for accessing the PC, encryption, user management, etc.
Can you explain concretely what the software can do ?
We have implemented 2 encryption solutions:
1). A triple DES encryption: you get a program that runs on Windows that encrypts data with this algorithm. The 3 keys have to be entered in the encryption PC and also in GT controller PC that actually prints the products. An option is to have those keys in an HSM.
- It is important to note that the file is decrypted real-time. Thus, the file stay always encrypted
- When deleting the file from the hard disk, the file is purged, it will not stay there.
- Triple DES is approved by credit card companies, banks, etc.
2). A connection to a data server through a customer DLL. This is highly customized and has been done for big customers that have a unified security system. The GT controller basically gets data from a protected server through calls to that DLL.
Triple DES without known 3 keys:
With decryption keys, note that you can protect information operators cannot see. A * will be shown instead.
Encryption program, you can run it, if licensed, in any Windows machine.
To limit the access to the system to people that have a validated key, you need below key reader and the respective keys of 16 hexadecimal bytes. Every key is guaranteed by the manufacturer to be unique in the world. One of the keys is the master key. One cannot produce without a key.
The Master key can go to User Management and assign new keys to 1 of 4 groups: Operator, Supervisor, Expert, and GT. The passwords for operators have to be changed every 30 days.
As always, the supervisor can declare a column as “Mark-Done”. Below records that have a “1” cannot be reproduced by the operator, he has to get the supervisor to reproduce them.