July 11, 2002 at 10:49 am
Hi,
I'm looking to encrypt a large amount of data stored in my database (name, address etc.).
Obvious answer would be to get the application layer to encrypt/decrypt as it reads/writes to the database.
However I've found this product http://www.netlib.com/index.html which looks like it would save a lot of development time.
Does anyone have experience of this product, or can anyone recommend anything similar?
Thanks.
July 11, 2002 at 11:06 am
Just a note here. If you don't encrypt at the client, then the DBA can snag it with Profiler anyway. Sort of defeats the purpose.
Steve Jones
July 11, 2002 at 11:28 am
Also the tabular data stream is not encrypted if I remember correctly. There was another thread on this here where we went into the details of this. So therefore someone sniffing the packets can get the data.
"Don't roll your eyes at me. I will tape them in place." (Teacher on Boston Public)
August 23, 2002 at 12:44 am
Secure.Data™ for SQL Server 2000 is an “out-of-the-box” automated database encryption solution with protected key-management software for selectively encrypting, securing and controlling access to enterprise relational database information at the data-item level. This database security solution is application transparent, which allows for fast integration, rapid execution, cost-effective security and privacy compliance. The Solution provides an effective last line of defense:
· Selective and highly secure, column-level data item encryption
· Cryptographically enforced authorization
· Comprehensive key management
· Secure audit and reporting facility
· Enforced separation of duties
· Interoperability with other security technologies
· Operational transparency to applications
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply