March 3rd, 2004, 11:42 PM
Hey guys, I run www.pureescape.net and I was just wanting to know if any of you are experienced with securing databases. I use Mysql, and I've got the user accounts secured, but, there is an ache in my stomach when I consider that lots of data in the database is plain text. Not just my data, but the data of others.
My setup is secure, I'm just trying to prepare for worst case scenarios (network/physical attacks on the system)
I usually use PHP for my web applications. What I'd like to know, is how can I implement encryption/decryption on the fly? So that data is encrypted before entering the database, and is decrypted after the sql query (before it's presented in clear text again to the user).
Any info (links, turorial, code) on these techniques would be great. Also, the site ( www.pureescape.net ) is always interested in getting new members for it's discussion forums. Stop by, you'll probably meet someone you know from AO. Peace!
Thanks in response for help.
March 4th, 2004, 02:53 AM
PuRe, as long as you configured MySQL with SSL you should be able make use of the AES and other encryption functions.
\"If computers are to become smart enough to design their own successors, initiating a process that will lead to God-like omniscience after a number of ever swifter passages from one generation of computers to the next, someone is going to have to write the software that gets the process going, and humans have given absolutely no evidence of being able to write such software.\" -Jaron Lanier
March 4th, 2004, 05:53 AM
Thanks for the link, it was useful. I'm wondering how much performance overhead is gonna be created by encrypting and decrypting everything.
March 4th, 2004, 09:35 AM
Encrypt only partial fields of databse that way you can save on the performance overload....
Other thing is proper database designing... Like what SAP follows ti sotres data in over 2500 tables... Hence even if you get an access to one of the databses you cannot make any sense out of the data residing in that database
****** Any man who knows all the answers most likely misunderstood the questions *****