I've sent the PDF to Joe and Rajashri. If anyone else wants it, let me
know. I'll try to publish it better tonight. (Well, better than e-mailing
to individuals.)
mrg
On Fri, Feb 6, 2009 at 10:50 AM, Ramachandran Rajashri <
rramachandra..axton.com> wrote:
> Sure. That sounds fine.
>
> -----Original Message-----
> From: Michael Gentry [mailto:mgentr..asslight.net]
> Sent: Friday, February 06, 2009 10:43 AM
> To: use..ayenne.apache.org
> Subject: Re: Encrypted Fields
>
> I don't think I have an easy way to share it (except via e-mail) until I
> get
> home. If you'd like, I could e-mail, but it might be good to make it
> available to all.
>
> On Fri, Feb 6, 2009 at 9:46 AM, Ramachandran Rajashri <
> rramachandra..axton.com> wrote:
>
> > Hi Michael,
> > I would be very interested in reading you paper. How do I get access
> to
> > it?
> >
> > Thanks
> > Raji
> >
> > -----Original Message-----
> > From: Michael Gentry [mailto:mgentr..asslight.net]
> > Sent: Friday, February 06, 2009 9:36 AM
> > To: use..ayenne.apache.org
> > Subject: Re: Encrypted Fields
> >
> > Joe, something I've explored doing (wrote a little paper on it, but
> > never
> > implemented it) was to have a pair of values for sensitive fields.
> One
> > is
> > the encrypted value (socialSecurityNumber) and the other is a version
> > (socialSecurityNumberVersion). The version field maps to different
> keys
> > used to encrypt the main field. This allows for the keys to be
> changed
> > (due
> > to an employee leaving or perhaps you have a 3 month mandate for key
> > changes) while still allowing you to read the old values. The key
> file
> > should be kept on the disk and protected by Unix file permissions so
> > others
> > can't read it easily.
> > I'm not sure if I made sense, but I've you'd like, I can dig up my
> > little
> > paper to send you (it might be more helpful). Just tell me the
> formats
> > you
> > can read (right now it is a Google Doc).
> >
> > mrg
> >
> >
> > On Thu, Feb 5, 2009 at 11:01 PM, Joe Baldwin
> > <jfbaldwi..arthlink.net>wrote:
> >
> > > These are all good points. I can do it either way as far as the
> > business
> > > rules go. I was just looking for some suggestions as to best
> > practices.
> > > The downside to using the database-managed encryption, is that it
> > makes the
> > > Cayenne code pretty messy (unless of course that I have missed some
> > > Utility/Convenience method that deals with applying MySQL functions
> to
> > > fetched data).
> > >
> > > I can brute-force this, as I mentioned earlier, by making the
> > conversions
> > > via Cayenne select queries and the #result directives pattern. My
> > > implementation turned out to be kind of messy and so I was thinking
> > there
> > > has to be a better way.
> > >
> >
> >
> >
> >
> >
> > This message may contain information that is confidential or
> privileged.
> > If you are not the intended recipient, please advise the sender
> immediately
> > and delete this message.
> >
>
>
>
>
> This message may contain information that is confidential or privileged.
> If you are not the intended recipient, please advise the sender immediately
> and delete this message.
>
This archive was generated by hypermail 2.0.0 : Fri Feb 06 2009 - 11:00:26 EST