yes good point, thanks Dave
>> In fact, yes i know we are both thinking 'if someone
>> is good enough to hack into the backend database
>> then they will be good enough to decrypt the data if
>> they really wanted'
>>
>> so the cf app would definitely be sufficient enough
>
>The problem with encr
> In fact, yes i know we are both thinking 'if someone
> is good enough to hack into the backend database
> then they will be good enough to decrypt the data if
> they really wanted'
>
> so the cf app would definitely be sufficient enough
The problem with encrypting data from within your applicat
2 excellent points claude
thanks again for your help with this
richard
>>>what do you think about this?
>
>First point: if your database is correctly stored in a safe area not
>accessible by HTTP, the risk is really low.
>If is is stored in an area vieable by HTTP, then so is your template to
>>what do you think about this?
First point: if your database is correctly stored in a safe area not
accessible by HTTP, the risk is really low.
If is is stored in an area vieable by HTTP, then so is your template to
decrypt and view data any way.
It's like hanging the key of your house on the
In fact, yes i know we are both thinking 'if someone is good enough to hack
into the backend database then they will be good enough to decrypt the data if
they really wanted'
so the cf app would definitely be sufficient enough
thanks for your help claude, very much appreciated :)
> :) thank
:) thanks claude, yes it is a good point, but what if someone was to hack into
the database...
i'm sure we are both thinking the same thing at this point 'well if someone is
good enough to hack into a database then they will be good enough to decrypt
the data if they really wanted'
but
>>yes, a cf app that has alot of security. and only people that have
been given rights to the secure data
Then what's the big idea to encrypt data, if they have the rights to see
it anyway?
If there are columns they should not see, just not provide them with the
possibility to display those c
>>i am now wondering whether there is really a need to encrypt the
columns, but instead just to control the access to that data through the
cf application.
You are telling yourself exactly what I was thinking ;-)
~|
Adobe® Co
>Who will be able to open and read your database, and from which
>application? Some CF app?
hmm, i am now wondering whether there is really a need to encrypt the columns,
but instead just to control the access to that data through the cf application.
i suppose the thing we need to think about
>Who will be able to open and read your database, and from which
>application? Some CF app?
yes, a cf app that has alot of security. and only people that have been given
rights to the secure data
~|
Adobe® ColdFusion® 8 softw
>>we appreciate your feedback
Who will be able to open and read your database, and from which
application? Some CF app?
~|
Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to
date
Get the Free Trial
thanks again for your response
basically the database contains a mixture of non-personal and personal data.
our clients wishes to be able to select which columns are personal and are
therefore encrypted (this is basically to satisfy data protection people)
the initial idea was to create a sepa
>>how would i get around the issue of encypting data in integer
columns? - as some of the columns are set as smallint(2) for example.
You need to create an extra column to contain the encrypted value. I
know no encrypting algorithm capable of encrypting a smallint into a
smallint, except may
thanks for the reply claude
how would i get around the issue of encypting data in integer columns? - as
some of the columns are set as smallint(2) for example.
just thinking of the top of my head: when a user chooses to encrypt a column of
data, the code could create a replica column which is
>>1) seeing as this can be run on any column (even integer fields) is
it possible to encrypt an integer and then place the resulting encrypted
string back into the integer column of the database
If the encrypted data is also an integer, then yes, but if is can be any
string, forget it. Not ev
eeded.
-Mark
-Original Message-
From: Tony Bentley [mailto:t...@tonybentley.com]
Sent: Friday, April 03, 2009 3:11 PM
To: cf-talk
Subject: Re: encrypt database column
You can change the name of a column in TQL. In MSSQL there is a stored proc
called sp_rename that would do it. For gettin
You can change the name of a column in TQL. In MSSQL there is a stored proc
called sp_rename that would do it. For getting all fields from a column in a
table, that is simply select colname from tablename.
If you wanted to pass the encryptes string into the db, not sure that MSSQL or
MYSQL can
Hi,
I have looked around on the web for the answer to this question and haven't yet
found exactly the answer i need
basically, we are developing code that dynamically encrypts database columns
(depending on what the user wants encrypted). we want to build one function
that is responsible for
18 matches
Mail list logo