On 6/23/08, Tye <[EMAIL PROTECTED]> wrote: > When the user hits submit, I want the SSN to be encrypted, stored in a > database (encrypted), read from a database (encrypted) by a secure, > authorized & authenticated connection, and decrypted somewhere along > the end of the line for appropriate viewing discretion.
This is exactly what Thales's solutions could do for you... ### Time-to-time we had to implemented some encryption/decryption by ourself, but each solution has at least one crucial point and it is key management. Typically, we use key compound of two independand keys generated from passwords hold by two senior managers, which have to change their password regularly (e.g. 4 weeks) and simultaneously -> data has to be reencrypted once both password has been changed. And to reencrypt huge amount of data under single transaction - it is not an easy task - e.g. we fought with transaction log overflow etc... And another potential problem are SQL expressions referring encrypted data - to avoid full scan, you need encrypt a querying value before SQL command is executed to be able use indeces. Peter --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---