Securely storing the Encryption Key on the Server?
Here is what I am trying to do:
User inputs sensitive data (Social Security Number) in a Web Form. Data will be stored encrypted in the database using AES or DES. The Java front-end web application needs to have access to the encryption key in order to execute the SQL Query to encrypt the data. Since AES uses a password, and DES also uses a password or key (that can be read from a file), my question is how can I securely store the AES password in my Java application and/or how can I securely store the key in the DES-Key-File on the web server? Is there a way to encrypt the encryption key and maintain the password for that encryption off of the server?
Thanks for any help.
Note my environment is:
MySQL 5.0, Windows 2003, Java Web Application
Subject
Views
Written By
Posted
Securely storing the Encryption Key on the Server?
7166
October 04, 2006 11:06AM
3232
January 02, 2007 07:10AM
Sorry, you can't reply to this topic. It has been closed.
Content reproduced on this site is the property of the respective copyright holders.
It is not reviewed in advance by Oracle and does not necessarily represent the opinion
of Oracle or any other party.