IMHO encryption is most needed when data is being transmitted between
locations, either over a comm link or via physical tapes. This is where
it is most susceptable to interception.
Encrypting all data within a processing site (such as the credit card
processer in the recent news) sounds like overkill. Every record or
field would have to be decrypted EVERY TIME IT IS USED and reencrypted
when it is updated. The overhead would be incredible, and the keys
would have to be available to every program and user with a legitimate
use for the data, which makes the keys more susceptable to a hack.
Doesn't sound practical to me
--
Bruce A. Black
Senior Software Developer for FDR
Innovation Data Processing 973-890-7300
personal: [EMAIL PROTECTED]
sales info: [EMAIL PROTECTED]
tech support: [EMAIL PROTECTED]
web: www.innovationdp.fdr.com
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
