cayenne-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dov Rosenberg <drosenb...@inquira.com>
Subject Re: Encrypted Fields
Date Sat, 07 Feb 2009 18:50:59 GMT
One of our customers who is big into security had a pretty good idea. Their
concern was that if the sensitive data could be decrypted it was vulnerable
and considered a security risk. They proposed using a one way encryption
algorithm and then only comparing the hash values of the sensitive data -
not the actual data itself. I am not certain which algorithm they were
talking about.

Dov Rosenberg


On 2/7/09 12:08 PM, "Michael Gentry" <mgentry@masslight.net> wrote:

> Here it is:
> 
> http://people.apache.org/~mgentry/Security_Manifesto.pdf
> 
> Joe had a few questions off-the-list (about how to do a query on an
> encrypted value) and I'll try to update it soon, but that's the
> current version I have.
> 
> Comments appreciated, as always.
> 
> mrg


Mime
View raw message