Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.databases.ms-sqlserver > #1140
| NNTP-Posting-Date | Thu, 21 Jun 2012 14:00:31 -0500 |
|---|---|
| From | "Mojo" <please@dont.spam.com> |
| Newsgroups | comp.databases.ms-sqlserver, microsoft.public.sqlserver, microsoft.public.sqlserver.misc, microsoft.public.sqlserver.programming |
| Subject | encrypt, not encrypt, why encrypt and how encrypt? |
| Date | Thu, 21 Jun 2012 20:00:15 +0100 |
| X-Priority | 3 |
| X-MSMail-Priority | Normal |
| X-Newsreader | Microsoft Outlook Express 6.00.2900.5512 |
| X-MimeOLE | Produced By Microsoft MimeOLE V6.00.2900.5512 |
| Message-ID | <s72dnZ1liZTN8n7SnZ2dnUVZ8kOdnZ2d@brightview.co.uk> (permalink) |
| Lines | 34 |
| X-Usenet-Provider | http://www.giganews.com |
| X-Trace | sv3-4c8bZcC0miJ1S+dvbdqzallnO91Din8YQ0ndFItntgYjw1fLTLuPxUrKWwhOmddLfdBS0qSkOKZz81q!EluTSDhEmYE4q/Qa01h9daANJCN/qrw6hx3Gmz1+LznaLwijwABgdTz1jv1ir7cGUNWptRtTGYu0!Mgpba9memyY+8siRcFB33DrmtA== |
| X-Abuse-and-DMCA-Info | Please be sure to forward a copy of ALL headers |
| X-Abuse-and-DMCA-Info | Otherwise we will be unable to process your complaint properly |
| X-Postfilter | 1.3.40 |
| X-Original-Bytes | 2613 |
| Path | csiph.com!usenet.pasdenom.info!news.stben.net!border3.nntp.ams.giganews.com!Xl.tags.giganews.com!border1.nntp.ams.giganews.com!nntp.giganews.com!local2.nntp.ams.giganews.com!nntp.brightview.co.uk!news.brightview.co.uk.POSTED!not-for-mail |
| Xref | csiph.com comp.databases.ms-sqlserver:1140 |
Cross-posted to 4 groups.
Show key headers only | View raw
Hi All I know what I'm about to put down is probably more theorectical than an pure Db prob, but I don't know where else to post!! :0) Basically I've created a classic asp web app that connects to an sql 2008 express db via ssl and even though the whole sys runs on/through ssl I've been told that I should encrypt certain parts of the db's content just in case anybody gets onto my server and hacks into the db. Now I started to use an old Base64 encryption with a key bit of code that I've had for a bit, but somebody told me that base64 just converts the text into a better transport method rather than actually encrypting it and its easy to hack, but I've put a long key in and it doesn't seem to convert back and forth properly without knowing the key - are they right?? Should I be using something else? Having started to encrypt certain parts, eg a person's name, dob, etc, it suddenly dawned on me that although I'm encrypting and decrypting as I go if I want to do search queries then it ain't gonna work. For example if I want to find all the people with 'gar' in their name then this isn't going to work and if I want to find all the people who are born between Apr and May then this isn't either. My second query is, if I've got the dbs on a dedicated server running only one site, loads of password access only stuff and on https do I really need to encrypt db fields as well?? If so, how do I get round these query (and sort order) issues?? Thanks M
Back to comp.databases.ms-sqlserver | Previous | Next — Next in thread | Find similar
encrypt, not encrypt, why encrypt and how encrypt? "Mojo" <please@dont.spam.com> - 2012-06-21 20:00 +0100 Re: encrypt, not encrypt, why encrypt and how encrypt? Erland Sommarskog <esquel@sommarskog.se> - 2012-06-21 23:27 +0200
csiph-web