Modifying protection policy
To modify an existing protection policy:
Open Application Data Protection.
In the left pane, click Protection Policies. The list of protection policies is displayed.
Click the protection policy that you want to update. The <Protection Policy-name> screen shows the policy details.
Modify the policy details. You can modify the following fields:
Algorithm
Key
Character Set
Access Policy
Masking Format
Tweak Algorithm (if applicable)
Tweak (if applicable)
IV (if applicable)
Caution
In CipherTrust Manager 2.13 and lower versions, the linking of protection policy to access policy was not available. When upgrading to CipherTrust Manager 2.14, it is mandatory to link the access policy to protection policy. To do so, edit the protection policy and select the desired access policy from the available options. If access policy doesn't exist, create a new.
Click Update. A message stating, Protection Policy updated successfully is displayed and the version of policy is incremented. The updated policy is automatically received in client's environment after heartbeat interval.
Modify policy with legacy formats
While modifying an existing protection policy, if it contains any of the following algorithms, the CipherTrust Manager will automatically map the old algorithm to the equivalent algorithm and character set.
FPE/AES/CARD10
FPE/AES/CARD26
FPE/AES/CARD62
FPE/AES/UNICODE
FPE/FF1v2/CARD10
FPE/FF1v2/CARD26
FPE/FF1v2/CARD62
FPE/FF1v2/ASCII
FPE/FF1v2/UNICODE
FPE/FF3/CARD10
FPE/FF3/CARD26
FPE/FF3/CARD62
FPE/FF3/ASCII
The following table shows the mapping of legacy formats (algorithm + character set) to their equivalent algorithm and character set.
Legacy formats (algorithm) | Equivalent algorithm | Equivalent Character set |
---|---|---|
FPE/AES/CARD10 | FPE/AES | All digits |
FPE/AES/CARD26 | FPE/AES | Lower Alphabets |
FPE/AES/CARD62 | FPE/AES | Alphanumeric |
FPE/FF1v2/CARD10 | FPE/FF1v2 | All digits |
FPE/FF1v2/CARD26 | FPE/FF1v2 | Lower Alphabets |
FPE/FF1v2/CARD62 | FPE/FF1v2 | Alphanumeric |
FPE/FF1v2/ASCII | FPE/FF1v2 | Existing character set |
FPE/FF3/CARD10 | FPE/FF3 | All digits |
FPE/FF3/CARD26 | FPE/FF3 | Lower Alphabets |
FPE/FF3/CARD62 | FPE/FF3 | Alphanumeric |
FPE/FF3/ASCII | FPE/FF3 | Existing character set |