Unconfigured Ad Widget

Collapse

Announcement

Collapse
No announcement yet.

Is Forced Encryption Another Y2K-Style "Public Works" Project?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Is Forced Encryption Another Y2K-Style "Public Works" Project?

    ** This thread discusses the article: Is Forced Encryption Another Y2K-Style "Public Works" Project? **
    ** This thread discusses the Content article: Is Forced Encryption Another Y2K-Style "Public Works" Project? **
    0

  • #2
    Is Forced Encryption Another Y2K-Style "Public Works" Project?

    ** This thread discusses the article: Is Forced Encryption Another Y2K-Style "Public Works" Project? **
    There is at least one product that provides a way around the field-expansion problem. nuBridges (I don't work for them but we are using them and are now business partners) provides a "shadow-file" technique which stores the encrypted data in another file that it creates during setup of their software (you tell it what files/fields you want to encrypt). This obviously adds additional overhead but may be at least a stop-gap measure to comply. To encrypt and decrypt the data you use service program procedures (APIs) that nuBridges supplies. Pretty easy to use. Anyway, I know this sounds like an advertisement but I receive no compensation for sales of the product. It's a viable option. By the way, nuBridges provides quite a few other products relating to securing data during transmission, FTP, etc. Garrett

    Comment


    • #3
      Is Forced Encryption Another Y2K-Style "Public Works" Project?

      ** This thread discusses the article: Is Forced Encryption Another Y2K-Style "Public Works" Project? **
      So is the originally data removed from the original file? If not, what would stop someone from using DSPPFM or similar tool to look at the original data?

      Comment


      • #4
        Is Forced Encryption Another Y2K-Style "Public Works" Project?

        ** This thread discusses the article: Is Forced Encryption Another Y2K-Style "Public Works" Project? **
        Yes the original data is removed from the original file and replaced with a "shadow file index" which is basically a "key" to the "shadow file" where the encrypted version of the real data is stored. The index value is limited by the size of the original field and that may be a limitation depending on the size of the field and how many records will be in the file. It may not be the perfect solution but as I say I think it is certainly a viable stop-gap option and possibly permanent solution depending on the application. Garrett

        Comment


        • #5
          ** This thread discusses the article: Is Forced Encryption Another Y2K-Style "Public Works" Project? **
          You may also want to check out Crypto Complete from Linoma Software at www.LinomaSoftware.com . With Crypto Complete, you can encrypt most alpha and numeric fields without changing their types or lengths. For numeric fields, it also uses shadow file approach with index numbers. For alpha fields, you can store the encrypted value in the existing field with AES stream-based encryption. Field values can be automatically encrypted without changing your applications. Crypto Complete includes key management (for PCI) and detailed audit logs for compliance reporting. A free trial is available on Linoma's web site.

          Comment

          Working...
          X