Which framework/library do you use to handle the encryption?
On Feb 6, 2009, at 11:02 PM, Mike Kienenberger wrote:
> We store encrypted data in the database, the key on the file system,
> and the specific configuration of the key in the java code (parameters
> to the key).
>
> This requires someone gain access to all three parts in order to
> decrypt the data. We manage the encryption in the application as
> this allows us to only have the decrypted values in memory for as
> short a period of time as necessary.
>
> On Thu, Feb 5, 2009 at 5:36 PM, Joe Baldwin
> <jfbaldwi..arthlink.net> wrote:
>> What design (or pattern) is best for fields that are to be encrypted?
>>
>> MySQL has quite a few simple functions that can be used to encrypt
>> data.
>> However, when using Cayenne to fetch the data I have not found a
>> simple
>> solution.
>>
>> I have been testing using result directives and SQLTemplate, but
>> the design
>> is looking pretty messy.
>>
>> I guess the first question is: can I rely on MySQL
>> aes_encrypt()/aes_decrypt() while using Cayenne or will I have to
>> go to a
>> java encryption class?
>>
>> Thanks,
>> Joe
>>
>>
>>
This archive was generated by hypermail 2.0.0 : Fri Feb 06 2009 - 23:29:44 EST