| Subject: | "data at rest" |
|---|---|
| Date: | Tue, 30 Nov 2004 10:59:52 -0500 |

would anyone out there like to share what they are doing to secure data at rest?

with more and more of our customers asking about it, we are exploring two solutions and probably will implement both - encrypting the database file on disk and encrypting sensitive data before inserting into the database. i am interested in what others are doing with the latter.

our issue is that the sensitive data is data that needs to be searched on and possibly displayed on the web. we are considering two approaches.

the first is storing both a one-way encryption/hash on the data to enable searching and a masked version of the original data for display (i.e. 12XXXXXX34). this way we never store the original data in the db. the drawback is that we can't recover the original data, which might be needed for other processing.

the second approach would be to store both a hash of the original data for searching and two-way encrypted data, which would allow us to decrypt the original data if needed, but will also be expensive (our app is high-volume) and we'll need to consider how to securely store the keys.

any input is appreciated...

thanks,
eric
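
The first approach described in the message above (a one-way search value plus a masked display value), as an added example that is not part of the original post. It assumes exact-match search only and uses a keyed HMAC-SHA256 in place of a bare hash, because short numeric identifiers can be guessed by hashing every candidate; the table layout, function names and key are hypothetical.

```python
import hashlib
import hmac
import sqlite3

# Assumption: the real key lives in a key store outside the database.
INDEX_KEY = b"constructed-demo-key-not-for-production"


def normalize(value: str) -> str:
    """Strip separators so '1298-7654-34' and '1298765434' match."""
    return "".join(ch for ch in value if ch.isalnum()).upper()


def search_token(value: str, key: bytes = INDEX_KEY) -> str:
    """Keyed one-way token stored in the db and used for exact-match lookups."""
    return hmac.new(key, normalize(value).encode("utf-8"), hashlib.sha256).hexdigest()


def mask(value: str, keep: int = 2) -> str:
    """Display form such as 12XXXXXX34; values too short to mask safely are fully masked."""
    v = normalize(value)
    if len(v) <= 2 * keep:
        return "X" * len(v)
    return v[:keep] + "X" * (len(v) - 2 * keep) + v[-keep:]


def open_db() -> sqlite3.Connection:
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE accounts (id INTEGER PRIMARY KEY, token TEXT NOT NULL, masked TEXT NOT NULL)")
    db.execute("CREATE INDEX idx_accounts_token ON accounts (token)")
    return db


def store(db: sqlite3.Connection, value: str) -> int:
    """Insert only the token and the masked form; the original never reaches the db."""
    cur = db.execute("INSERT INTO accounts (token, masked) VALUES (?, ?)",
                     (search_token(value), mask(value)))
    return cur.lastrowid


def find(db: sqlite3.Connection, value: str) -> list:
    """Recompute the token from the search term and look it up via the index."""
    return db.execute("SELECT id, masked FROM accounts WHERE token = ?",
                      (search_token(value),)).fetchall()


if __name__ == "__main__":
    db = open_db()
    store(db, "1298765434")  # constructed sample value
    print(find(db, "1298-7654-34"))
```

The lookup is a single indexed equality match, so the per-request cost is one HMAC computation; as the post notes, the original value cannot be recovered from these two columns.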