Re: Database/table encryption
msquared wrote: I'm working for a company that has a paranoid client, and the client wants their database to be 'secure'. By 'secure' they mean that even if someone gains root access on the server, the data in the database can't be compromised (obtained). I can think of a couple of ways to do this, but I don't know if they're practical. The first is to have MySQL store the tables and such in an encrypted fashion, at the file layer. Can anyone else offer any alternative suggestions, or some guidance? Most standard way is prorably having encrypted filesystems support in kernel (http://www.linuxi.org) and then having MySQL databases on it. I do not believe into too big security when intruder already have root but encryption will anyway help. -- MySQL Development Team __ ___ ___ __ / |/ /_ __/ __/ __ \/ / Tonu Samuel [EMAIL PROTECTED] / /|_/ / // /\ \/ /_/ / /__ MySQL AB, http://www.mysql.com/ /_/ /_/\_, /___/\___\_\___/ Tallinn, Estonia ___/ - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail [EMAIL PROTECTED] To unsubscribe, e-mail [EMAIL PROTECTED] Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
Re: Database/table encryption
Hi! On Feb 01, Tõnu Samuel wrote: msquared wrote: I'm working for a company that has a paranoid client, and the client wants their database to be 'secure'. By 'secure' they mean that even if someone gains root access on the server, the data in the database can't be compromised (obtained). I can think of a couple of ways to do this, but I don't know if they're practical. The first is to have MySQL store the tables and such in an encrypted fashion, at the file layer. Can anyone else offer any alternative suggestions, or some guidance? Most standard way is prorably having encrypted filesystems support in kernel (http://www.linuxi.org) and then having MySQL databases on it. I do not believe into too big security when intruder already have root but encryption will anyway help. A note about too big security: If they want MySQL to send decrypted data to client, then intruder (having root) would be able to read them from memory anyway. If they want the client to handle the encryption, there's no need for encrypted filesystem - all the crypto is done by client. Not that I wanted to say that encrypted filesystem is useless... :-) Reading decrypted data from memory is more complex task indeed. Just one has to know the limitations of his solution. -- MySQL Development Team __ ___ ___ __ / |/ /_ __/ __/ __ \/ / Tonu Samuel [EMAIL PROTECTED] / /|_/ / // /\ \/ /_/ / /__ MySQL AB, http://www.mysql.com/ /_/ /_/\_, /___/\___\_\___/ Tallinn, Estonia ___/ Regards, Sergei -- MySQL Development Team __ ___ ___ __ / |/ /_ __/ __/ __ \/ / Sergei Golubchik [EMAIL PROTECTED] / /|_/ / // /\ \/ /_/ / /__ MySQL AB, http://www.mysql.com/ /_/ /_/\_, /___/\___\_\___/ Osnabrueck, Germany ___/ - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail [EMAIL PROTECTED] To unsubscribe, e-mail [EMAIL PROTECTED] Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
Database/table encryption
I'm working for a company that has a paranoid client, and the client wants their database to be 'secure'. By 'secure' they mean that even if someone gains root access on the server, the data in the database can't be compromised (obtained). I can think of a couple of ways to do this, but I don't know if they're practical. The first is to have MySQL store the tables and such in an encrypted fashion, at the file layer. The second is to have the application encrypt the data when storing it in the database, and decrypt it when retrieving it. In this case, perhaps PGP could be used to do the encryption/decryption? PGP (or GnuPG) would be good, because it would only require a password from the user when decrypting. However, I suspect that the overhead in calling PGP/GnuPG for each record would be prohibitive. Perhaps there's a PGP/GnuPG Perl module that doesn't require PGP or GnuPG to be installed? (ie: has all code implemented internally, in Perl or C) Can anyone else offer any alternative suggestions, or some guidance? 2 Regards, /|/| / | - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail [EMAIL PROTECTED] To unsubscribe, e-mail [EMAIL PROTECTED] Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php