Another Assumption
------------------
Encrypting / decrypting all data on the fly would be too expensive and grind the app to a halt
Not true. There are some databases that can encrypt records on the fly without any speed degradation (< 1%) using either Blowfish or AES. The data record, index, blob fields (memos) are all encrypted so if someone walks away with your database files, they are all gibberish. The transmission of the password over the network is also encrypted. See www.advantagedatabase.com for a Windows/Linux solution. (Unfortunately their free ALS version has a license agreement that does NOT permit its use on a web server.)
If you have physical access to the web server then simply entering the password will get the database app up and running. Or there are various means to send the encrypted time sensitive password to the webserver so it can open the database. Anyone sniffing for the password will be out of luck.
I too would love to have MySQL encrypt the records on he fly, especially if it is on a shared webserver. OS security will only get you so far. Other database companies have implemented transparent record encryption quite effectively, and I'm still waiting for MySQL to realize the importance of encryption.
Mike ( holding breath :-0 )
-- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
