mos schrieb:
I posted this message twice in the past 3 days, and it never gets on
the mailing list. Why?
Here it is again:
I have a Text field that contains paragraph text and for security
reasons I need to have it encrypted. If I do this, how can I still
implement full text search on it?
Also, I have a lot of Float columns that need to be protected but the
user has to use comparison operators like ">" and "<" on them. Any
recommendations?
Mike,
What size ist the database?
Could you create some kind of (temporary) table holding the data
unencrypted?
As fulltext search is only possible on myisam tables, you might want to
put this on a ramdisk and create it during mysql startup (just make a
symlink like /var/lib/mysql/UnencryptedDatabase -> /ramdisk/ and use the
|--init-file-Paramter for mysqld to create and fill the table).
It would at least make it more difficult to get the data for somebody
who has physical access to the machine as long as you have all your
partitions encrypted as well have to enter your password during startup.
||I know there is still danger: somebody at the ISP could shut down the
server and modify your initrd and try to get you password when you enter
it during startup, but as long as you won't host the machine yourself,
there probably is no better option. Get rackspace that has doors and can
be locked... a little more security, but usually the ISP has a second
key in their safe :(
||Or you might set it up so you have to enter 2 Passwords, the first one
to decrypt and start a small program that checksums the kernel and
initrd that is in memory, and then a second one to mount the partitions...|
|
If the value of the data is really a million, host it on your own and
install security systems etc. and a 24/7 NOC keeping an eye on your
server looking for hackers and so on.
If your budget is only $100/month I would do the way I described above.
|||
|Jan|
||
--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
