Return-Path: Delivered-To: apmail-cayenne-user-archive@www.apache.org Received: (qmail 85820 invoked from network); 6 Feb 2009 14:46:44 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 6 Feb 2009 14:46:44 -0000 Received: (qmail 47946 invoked by uid 500); 6 Feb 2009 14:46:42 -0000 Delivered-To: apmail-cayenne-user-archive@cayenne.apache.org Received: (qmail 47933 invoked by uid 500); 6 Feb 2009 14:46:42 -0000 Mailing-List: contact user-help@cayenne.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@cayenne.apache.org Delivered-To: mailing list user@cayenne.apache.org Received: (qmail 47897 invoked by uid 99); 6 Feb 2009 14:46:42 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 06 Feb 2009 06:46:42 -0800 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: local policy) Received: from [65.217.214.14] (HELO cnyexchfe01.composers.caxton.com) (65.217.214.14) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 06 Feb 2009 14:46:33 +0000 Received: from CNJEXCHANGE.composers.caxton.com ([149.85.145.82]) by cnyexchfe01.composers.caxton.com with Microsoft SMTPSVC(6.0.3790.1830); Fri, 6 Feb 2009 09:46:10 -0500 Content-Class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.3168 Subject: RE: Encrypted Fields Date: Fri, 6 Feb 2009 09:46:10 -0500 Message-ID: In-Reply-To: <5adb61290902060635p1e01908dnd008f44eebef0ddf@mail.gmail.com> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Encrypted Fields thread-index: AcmIaD71YwHqzv30T1SGBL6OKkpY6QAATc6g References: <303D3774-6AA8-4776-895E-7AD58959E7DC@earthlink.net> <7E4F0E1A-6100-45E8-8BA6-828E710D9ACB@ish.com.au> <5adb61290902060635p1e01908dnd008f44eebef0ddf@mail.gmail.com> Importance: normal Priority: normal From: "Ramachandran Rajashri" To: X-OriginalArrivalTime: 06 Feb 2009 14:46:10.0890 (UTC) FILETIME=[A6D832A0:01C98869] X-Virus-Checked: Checked by ClamAV on apache.org Hi Michael, I would be very interested in reading you paper. How do I get access to it? Thanks Raji -----Original Message----- From: Michael Gentry [mailto:mgentry@masslight.net]=20 Sent: Friday, February 06, 2009 9:36 AM To: user@cayenne.apache.org Subject: Re: Encrypted Fields Joe, something I've explored doing (wrote a little paper on it, but never implemented it) was to have a pair of values for sensitive fields. One is the encrypted value (socialSecurityNumber) and the other is a version (socialSecurityNumberVersion). The version field maps to different keys used to encrypt the main field. This allows for the keys to be changed (due to an employee leaving or perhaps you have a 3 month mandate for key changes) while still allowing you to read the old values. The key file should be kept on the disk and protected by Unix file permissions so others can't read it easily. I'm not sure if I made sense, but I've you'd like, I can dig up my little paper to send you (it might be more helpful). Just tell me the formats you can read (right now it is a Google Doc). mrg On Thu, Feb 5, 2009 at 11:01 PM, Joe Baldwin wrote: > These are all good points. I can do it either way as far as the business > rules go. I was just looking for some suggestions as to best practices. > The downside to using the database-managed encryption, is that it makes the > Cayenne code pretty messy (unless of course that I have missed some > Utility/Convenience method that deals with applying MySQL functions to > fetched data). > > I can brute-force this, as I mentioned earlier, by making the conversions > via Cayenne select queries and the #result directives pattern. My > implementation turned out to be kind of messy and so I was thinking there > has to be a better way. > =20 =20 =20 =20 This message may contain information that is confidential or privileged. = =20 If you are not the intended recipient, please advise the sender = immediately and delete this message.