SitePoint Sponsor

User Tag List

Results 1 to 7 of 7

Thread: encryption

  1. #1
    SitePoint Evangelist
    Join Date
    Feb 2009
    Posts
    412
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    encryption

    Hello,

    I got a server running with Windows 7 64 bit and I got MySQL Server on there and I need to encrypt all the DB's. What's the best way to get this done? I use HeidiSQL to control the database.

  2. #2
    SQL Consultant gold trophysilver trophybronze trophy
    r937's Avatar
    Join Date
    Jul 2002
    Location
    Toronto, Canada
    Posts
    39,244
    Mentioned
    59 Post(s)
    Tagged
    3 Thread(s)
    encrypt all the DBs?? whatever for?

    this sounds like a PHB requirement
    rudy.ca | @rudydotca
    Buy my SitePoint book: Simply SQL
    "giving out my real stuffs"

  3. #3
    Barefoot on the Moon! silver trophy Force Flow's Avatar
    Join Date
    Jul 2003
    Location
    Northeastern USA
    Posts
    4,606
    Mentioned
    56 Post(s)
    Tagged
    1 Thread(s)
    A database typically sits behind a password.

    If you're trying to encrypt user passwords, search for password hashing with a salt. That, however, takes place at the application level, not the database level. The database just stores the end result. Hashing is a one-way type of encryption, so you won't be able to get the original value back...just compare it to another hashed value.
    Visit The Blog | Follow On Twitter
    301tool 1.1.5 - URL redirector & shortener (PHP/MySQL)
    Can be hosted on and utilize your own domain

  4. #4
    SitePoint Evangelist
    Join Date
    Feb 2009
    Posts
    412
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by r937 View Post
    encrypt all the DBs?? whatever for?

    this sounds like a PHB requirement
    more like Visa being the pointy hair boss, unfortunately we must encrypt all of our emails that are stored within the database, in case someone copies the files.

  5. #5
    SitePoint Wizard bronze trophy
    Join Date
    Jul 2006
    Location
    Augusta, Georgia, United States
    Posts
    4,147
    Mentioned
    16 Post(s)
    Tagged
    3 Thread(s)
    That would be a two way encryption for the content of the email.
    The only code I hate more than my own is everyone else's.

  6. #6
    Programming Since 1978 silver trophybronze trophy felgall's Avatar
    Join Date
    Sep 2005
    Location
    Sydney, NSW, Australia
    Posts
    16,799
    Mentioned
    25 Post(s)
    Tagged
    1 Thread(s)
    Quote Originally Posted by silver163 View Post
    more like Visa being the pointy hair boss, unfortunately we must encrypt all of our emails that are stored within the database, in case someone copies the files.
    So when someone copies all the files that they have to run the file with the decryption code in it before they can read the other files? I guess that would add a few extra seconds to the time taken to access the information in those emails.

    Note also that emails are not allowed to contain any confidential information (eg. credit card numbers) at all since the email gets stored in plain text on various servers around the world when it is in the process of making its way from the sender to the recipient. To get around that you'd need everyone to have security certificates installed to use with the emails that allow the email to be encrypted before it is sent.
    Stephen J Chapman

    javascriptexample.net, Book Reviews, follow me on Twitter
    HTML Help, CSS Help, JavaScript Help, PHP/mySQL Help, blog
    <input name="html5" type="text" required pattern="^$">

  7. #7
    SitePoint Evangelist
    Join Date
    Feb 2009
    Posts
    412
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by felgall View Post
    So when someone copies all the files that they have to run the file with the decryption code in it before they can read the other files? I guess that would add a few extra seconds to the time taken to access the information in those emails.

    Note also that emails are not allowed to contain any confidential information (eg. credit card numbers) at all since the email gets stored in plain text on various servers around the world when it is in the process of making its way from the sender to the recipient. To get around that you'd need everyone to have security certificates installed to use with the emails that allow the email to be encrypted before it is sent.
    Well seconds sure but only if they want a supercomputer handy, the NSA got one that literally does it in seconds but I highly doubt that anyone has the resources for that. i am not trying to make this "uncrackable" i am trying to take every measure possible to ensure security.

    you can install a firewall on a computer but as long as the computer is used by people and the more people use the bigger the usage the more security vulnerabilities doesn't mean you shouldn't bother with security at all.

    i just want to see if there are any external software that can encrypt the DB's and work with the server


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •