MySQL Forums
Forum List  »  Security

Re: Encrypt physical storage
Posted by: Jamie Harris
Date: January 06, 2006 11:05AM

Eugene,

Do the users who have admin rights to the server also have access to the application that reads/writes the data in the database? If they don't then I would have thought rather than trying to encrypt the database files you would be better off encrypting the sensitive data before writing it to the tables and having the application require a user to supply the passphrase at startup. Clearly there's no point in encryping all you data or your indexes and relations are useless!

The problem with encrypting that database files that I can see is that you'll need to have some automatic way to supply the data to carry out the decryption before starting MySQL. If you want to do this automatically at boot time it means recording the passphrase/keys somewhere on the server - which you've already said people have admin access to.

What operating system are you using?

cheers

Jamie

Options: ReplyQuote


Subject
Views
Written By
Posted
8048
December 26, 2005 02:04AM
3480
January 04, 2006 12:22AM
Re: Encrypt physical storage
3650
January 06, 2006 11:05AM
4435
January 10, 2006 04:22AM


Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.