Re: using mySQL to store credit card info
"2. Encryption_password can be stored encrypted by user password for any user who need it. When user logon, Encryption_password is decrypted by user-logon-password and stored into the RAM. Encryption_password when stored into the memory can be additionally encrypted by session_password for current session"
This is a good approach when you want to have each user to have access to their sensitive data using their own encryption key.
In our case, we need to have a single encryption key that is used within the front-end Java application to encrypt Social Security #'s (SSN) being stored in the database. At a later date, we need to be able to decrypt all of the SSN's for tax purposes.
I have searched the forum and not yet found a good answer for how to protect the encryption key in the front-end Java application. For example, our Java front-end web app will contain the query to encrypt the data the user has inputted in the web form. How can we protect the encryption key in the Java code?
Subject
Views
Written By
Posted
27612
February 03, 2005 03:44PM
11543
March 29, 2005 07:54AM
9698
June 26, 2005 10:25PM
10545
July 23, 2005 10:39PM
14569
September 08, 2005 06:04AM
24127
September 08, 2005 06:47AM
7895
September 20, 2005 09:00AM
7412
November 21, 2005 11:09PM
7013
November 28, 2005 05:36AM
6823
November 28, 2005 08:21PM
6887
November 29, 2005 05:51PM
6823
February 18, 2006 06:34PM
6404
April 06, 2006 09:41AM
6677
April 07, 2006 01:28PM
7134
April 19, 2006 08:23PM
9399
May 08, 2006 04:33PM
Re: using mySQL to store credit card info
9128
October 04, 2006 09:11AM
6287
February 20, 2008 12:58PM
6466
February 20, 2008 01:24PM
6353
January 06, 2007 07:26PM
5239
February 16, 2009 07:37PM
Sorry, you can't reply to this topic. It has been closed.
Content reproduced on this site is the property of the respective copyright holders.
It is not reviewed in advance by Oracle and does not necessarily represent the opinion
of Oracle or any other party.