Re: Looking for advice on database encryption - Mailing list pgsql-general

From John R Pierce
Subject Re: Looking for advice on database encryption
Date
Msg-id 49E78EE4.4020001@hogranch.com
In response to Looking for advice on database encryption  (Bill Moran <wmoran@potentialtech.com>)
List pgsql-general
Bill Moran wrote:
> What are folks doing to protect sensitive data in their databases?
>

I would probably do my encryption in the application layer, and only
encrypt the sensitive fields. Fields used as indexes probably should
not be encrypted, unless the only index operation is EQ/NE; then you
could use the encrypted index value as the search key. This would even
work for foreign key relations.

Of course, if part of your cryptography regimen involves key expiration
and rotation, there'd be the hellacious problem of decrypting/re-encryption.

It really all depends on what the security requirements are.
-somewhere- there's a weak spot. In the above model, it's the application
server that's doing the cryptography; if it gets compromised, then the
keys can be extracted, and all bets are off.
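
An added example, not part of John R Pierce's message: the equality-only lookup, foreign-key join and rotation cost described above, worked through in Python. It swaps in an HMAC-SHA256 token for the deterministically encrypted index value (the standard library has no cipher) and uses in-memory sqlite3 in place of PostgreSQL; the table names, keys and rows are constructed.

```python
import hashlib
import hmac
import sqlite3

def token(key: bytes, value: str) -> str:
    """Keyed deterministic token: equal inputs give equal tokens under one key."""
    return hmac.new(key, value.encode("utf-8"), hashlib.sha256).hexdigest()

def build_db(key: bytes) -> sqlite3.Connection:
    # In-memory sqlite3 stands in for the real database; all rows are constructed.
    db = sqlite3.connect(":memory:")
    db.execute("PRAGMA foreign_keys = ON")
    db.execute("CREATE TABLE patient (ssn_tok TEXT PRIMARY KEY, name TEXT)")
    db.execute("CREATE TABLE visit (ssn_tok TEXT NOT NULL REFERENCES patient(ssn_tok)"
               " ON UPDATE CASCADE, note TEXT)")
    for ssn, name in [("000-00-0001", "Alice"), ("000-00-0002", "Bob")]:
        db.execute("INSERT INTO patient VALUES (?, ?)", (token(key, ssn), name))
    db.execute("INSERT INTO visit VALUES (?, ?)", (token(key, "000-00-0001"), "checkup"))
    db.commit()
    return db

def visits_for(db: sqlite3.Connection, key: bytes, ssn: str) -> list:
    # Equality search and the foreign-key join both run on tokens only.
    return db.execute(
        "SELECT p.name, v.note FROM patient p JOIN visit v ON v.ssn_tok = p.ssn_tok"
        " WHERE p.ssn_tok = ?", (token(key, ssn),)).fetchall()

def rotate(db: sqlite3.Connection, old_key: bytes, new_key: bytes, ssns: list) -> int:
    # Rotation rewrites every indexed row. The plaintexts are passed in here; in
    # the scheme described they would come from decrypting the stored fields.
    changed = 0
    with db:  # one transaction: all rows move to the new key or none do
        for ssn in ssns:
            cur = db.execute("UPDATE patient SET ssn_tok = ? WHERE ssn_tok = ?",
                             (token(new_key, ssn), token(old_key, ssn)))
            changed += cur.rowcount  # child rows follow via ON UPDATE CASCADE
    return changed

if __name__ == "__main__":
    k1, k2 = b"constructed-key-1", b"constructed-key-2"
    db = build_db(k1)
    print(visits_for(db, k1, "000-00-0001"))   # match under the current key
    print(rotate(db, k1, k2, ["000-00-0001", "000-00-0002"]))
    print(visits_for(db, k1, "000-00-0001"))   # old key no longer matches
    print(visits_for(db, k2, "000-00-0001"))   # new key matches again
```

Token order is unrelated to plaintext order, so range and prefix searches on such a column return nothing useful; only EQ/NE comparisons carry over.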


