-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Bernd, et al --
...and then Bernd Prager said... % % Well, IMHO there's only one way to make it almost secure: % Don't store the cc numbers unencrypted. Agreed there; it seems to me that they would have to be encrypted at least somewhat. % The user should log-in with a password. Don't store the password, just % a hash-value to proof the password valid. A one-way cipher? Yeah, OK. % % Encode and store the sensitive data with that password. So the ccard numbers would be encoded with the password, which means that the database cannot decode them. So it asks for the password when it's time to display a card number, checks the password to see if it hashes the same way, and then uses that to decrypt the number. OK. % % Use a second password (don't store it either) and a second encrypted field % if a second group need to see that number. Hmmm... So if bob in accounting needs it then he has his password, and if sue in billing needs to see them then she has her password, and ... we soon end up with a lot of passwords. That's not a problem, though; we have a user password table which, of course, only stores the encrypted password (just like the system passwd or shadow file) and then we check privs to see if someone should be in that file and should access this card (maybe only certain types of cards) and then get the password and compare its scrambled version against the one stored in the password table. Hmmm... OK; that's a start. We have to somehow allow root to manage passwords and yet keep a hacker from looking like root and setting up his own. Hmmm... We may be back to the problem of "if you lose root then you lose it all"; well, so be it. % Whatever happens to the data. A third person cannot read it. Sounds like a start. Thanks for the ideas! % -- Bernd mysql query, :-D - -- David T-G * There is too much animal courage in (play) [EMAIL PROTECTED] * society and not sufficient moral courage. (work) [EMAIL PROTECTED] -- Mary Baker Eddy, "Science and Health" http://www.justpickone.org/davidtg/ Shpx gur Pbzzhavpngvbaf Qrprapl Npg! -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iD8DBQE969k9Gb7uCXufRwARAq25AJ4203qwJzgj8HdV7JHxMLjvUBpMbwCgnVz2 V33pdhRiQkvZjqMqlOJJIHc= =6HjY -----END PGP SIGNATURE----- --------------------------------------------------------------------- Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
