Tumbleweed Secure Messager messed up my post. Trying again. >We have go a customer number in applications and this number is currently part >of a primary key, we have a requirement >to encrypt this number and also >should not be used in the tables directly , which means this can not be part >of a >primary key. pls share your thoughts on the same as to how to take this >forward?
Ron, I have 3 thoughts on this: (1) Ask the question on the DB2-L (2) Question the requirement. Concerns about the privacy of customer identifiers when stored in a database could mean that the real problem is elsewhere (firewalls, reports in the dumpster, etc.). There was a time when most customer records used SSN as a primary key. Then privacy concerns forced most companies to use an alternate identifier and relegated SSN to the status of a secondary identifier, whose usage was severely curtailed. It now sounds like your organization is concerned about their own internally assigned customer ID's leaking out. (3) How else can you uniquely identify a customer? You will need some combination of Personal Identification Information (PI), any of which have their own privacy concerns. Name? (not unique) Name + DOB? (still not unique) Name + DOB + Gender + Height + Weight (subject to change) Phone Number (not unique) ZipCode (not unique) DL No (not everyone is a driver). John ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
