[Info-Ingres] Encryption of Data at Rest
Gibson Jonathan
Jonathan.Gibson at hiscox.com
Thu Nov 22 03:18:45 CST 2007
I didn't know you'd got a new job at HMCR
----- Original Message -----
From: info-ingres-bounces at kettleriverconsulting.com <info-ingres-bounces at kettleriverconsulting.com>
To: info-ingres at kettleriverconsulting.com <info-ingres at kettleriverconsulting.com>
Sent: Thu Nov 22 09:01:52 2007
Subject: [Info-Ingres] Encryption of Data at Rest
Hi Everyone,
Does anyone know if there are any plans to introduce data encryption into the database? I'm not talking about encryption on data in flight, Ingres/Net can handle that quite adequately. What I want is to be able to encrypt data when stored in the database and ensure that unless the proper key is given that the data displayed is gobbeldygook.
I'd like to be able to - and I apologise in advance, the following is a stream of consciousness:
1. Encrypt on AES/Rijndael cipher specific columns in a table.
Probably just non index items will do for a starter.
I don't need to have different rows encrypted on different keys, but I could see situations where that might be useful.
2. Have multiple keys allowed so column X might be encrypted with one key and column Y with another.
3. Be allowed to change keys.
Although how that will work on existing data encrypted on an old key will be fascinating particulary if the table is huge. Probably would need to store a uuid to identify the key in time as well as the data encrypted with that specific key and then have some modify command to heal it all up at some point, table partitions may be useful here. Hmm, that may help with allowing horizontal differences in encryption keys.
4. Not store the encryption keys in the database.
But it would be good to do it in something attached to the database so it could be part of the backup cycle. This would allow the recovery of older databases and their older encryption keys.
My thought was to extend the configutaion file.
5. Encryption key restricted access.
Only people with a specific privilege can access the keys. Not even database owners should be automatically granted the privilege.
Although I'm not sure how applications can then specify the encryption key required to decrypt data…Embed it like a role password?
If anyone has some thoughts on this then lets here them!
Martin Bowes
--
Random Duckman Quote #74:
Cornfed: Oh....I must say I'm surprised at how readily you boys bastardized
your code of ethics in order to justify a morally dubious decision.
That was very grown up of you.
**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. No one else is authorised to distribute, forward,
print, copy or act upon any information contained in this email.
If you have received this email in error, please notify the sender.
Hiscox Syndicates Limited, Hiscox Insurance Company Limited,
Hiscox Underwriting Limited and Hiscox Investment Management
Limited are authorised and regulated by the Financial
Services Authority. Hiscox plc is a company registered in England
and Wales under company registration number 2837811 and registered
office at 1 Great St Helen's, London EC3A 6HX
**********************************************************************
More information about the Info-Ingres
mailing list