We store encrypted data in the database, the key on the file system,
and the specific configuration of the key in the java code (parameters
to the key).
This requires someone gain access to all three parts in order to
decrypt the data. We manage the encryption in the application as
this allows us to only have the decrypted values in memory for as
short a period of time as necessary.
On Thu, Feb 5, 2009 at 5:36 PM, Joe Baldwin <jfbaldwi..arthlink.net> wrote:
> What design (or pattern) is best for fields that are to be encrypted?
>
> MySQL has quite a few simple functions that can be used to encrypt data.
> However, when using Cayenne to fetch the data I have not found a simple
> solution.
>
> I have been testing using result directives and SQLTemplate, but the design
> is looking pretty messy.
>
> I guess the first question is: can I rely on MySQL
> aes_encrypt()/aes_decrypt() while using Cayenne or will I have to go to a
> java encryption class?
>
> Thanks,
> Joe
>
>
>
This archive was generated by hypermail 2.0.0 : Fri Feb 06 2009 - 23:02:37 EST