At 11:00 +0800 on 02/08/2015, Timothy Sipples wrote about Re: Anthem
Healthcare Hacked:
Tom Brennan writes:
Maybe someone can tell me what difference it makes whether the data was
encrypted on disk or not (as some news reports are talking about). I
mean, if I do a SELECT * from an admin id I must be going through the
decrypt process, right?
No, that's not a given. Many financial transaction systems -- handling
credit and debit cards, for example -- store sensitive information using
various hash functions.
What is done with the Sensitive Data is importance. In many cases,
such as passwords, there is no need to know the actual data but only
to compare it with some supplied value to see that it matches. Thus a
stored one-way hashed value is secured since there is no way to
unhash it since all that is needed is to hash the value you think it
is and compare the two hashes.
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
