Re: using mySQL to store credit card info
"2. Encryption_password can be stored encrypted by user password for any user who need it. When user logon, Encryption_password is decrypted by user-logon-password and stored into the RAM. Encryption_password when stored into the memory can be additionally encrypted by session_password for current session"
This is a good approach when you want to have each user to have access to their sensitive data using their own encryption key.
In our case, we need to have a single encryption key that is used within the front-end Java application to encrypt Social Security #'s (SSN) being stored in the database. At a later date, we need to be able to decrypt all of the SSN's for tax purposes.
I have searched the forum and not yet found a good answer for how to protect the encryption key in the front-end Java application. For example, our Java front-end web app will contain the query to encrypt the data the user has inputted in the web form. How can we protect the encryption key in the Java code?
Subject
Views
Written By
Posted
27741
February 03, 2005 03:44PM
11609
March 29, 2005 07:54AM
9745
June 26, 2005 10:25PM
10602
July 23, 2005 10:39PM
14649
September 08, 2005 06:04AM
24208
September 08, 2005 06:47AM
7950
September 20, 2005 09:00AM
7465
November 21, 2005 11:09PM
7055
November 28, 2005 05:36AM
6874
November 28, 2005 08:21PM
6938
November 29, 2005 05:51PM
6869
February 18, 2006 06:34PM
6449
April 06, 2006 09:41AM
6726
April 07, 2006 01:28PM
7171
April 19, 2006 08:23PM
9464
May 08, 2006 04:33PM
Re: using mySQL to store credit card info
9187
October 04, 2006 09:11AM
6349
February 20, 2008 12:58PM
6524
February 20, 2008 01:24PM
6423
January 06, 2007 07:26PM
5286
February 16, 2009 07:37PM
Sorry, you can't reply to this topic. It has been closed.
Content reproduced on this site is the property of the respective copyright holders.
It is not reviewed in advance by Oracle and does not necessarily represent the opinion
of Oracle or any other party.