You could always use an nChiper Encryption Appliance which holds your keys. You would need to then make a request to the ncipher to encrypt then store the response in a DB.
These are PCI compliant Appliances but they come at a $$$ and you would need 2 in case one fails Eric Haskins On Tue, Oct 21, 2008 at 12:08 AM, Dave Watts <[EMAIL PROTECTED]> wrote: > > however what do you do with the live database? > > You can't effectively encrypt the database itself. You could encrypt > and decrypt field values from within CF, but that doesn't guarantee > the security of your data, as the encryption key would be stored > within your CF app. > > > i don't know much about this area and would appreciate any guidance on > what i need to be > looking at, searching for, and thinking about. > > The most important question is, what threats are you trying to protect > against? > > Are you concerned with internal threats? Rogue database > administrators? Someone getting access to offsite backup media? Those > are the typical threat profiles that would provide justification for > database encryption. > > Dave Watts, CTO, Fig Leaf Software > http://www.figleaf.com/ > > Fig Leaf Software provides the highest caliber vendor-authorized > instruction at our training centers in Washington DC, Atlanta, > Chicago, Baltimore, Northern Virginia, or on-site at your location. > Visit http://training.figleaf.com/ for more information! > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;207172674;29440083;f Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:314175 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
