On Tue, May 15, 2007 11:12, Chris wrote:
> Ratheesh K J wrote:
>> Hello all,
>>
>> I have a requirement of maintaining some secret information in the
>> database. And this information should not be visible/accessible to any
>> other person but the owner of the data.
>> Whilst I know that encryption/decryption is the solution for this, are
>> there any other level of security that I can provide to this?
>>
>> Which is the best security technique used in MySQL to store seceret
>> information.
>>
>> PS: Even the database admin should not be able to access anybody else's
>> information
>
> Then you're stuffed - *someone* has to be able to see everything so you
> can do a mysqldump.
>
> *Someone* has to be able to see everything so you can grant permissions
> to the other users too :)

Well, doing encryption in user-interface (PHP mcrypt) using a password
not stored in app. or db would hide information pretty good.

-- 
Later

Mogens Melander
+45 40 85 71 38
+66 870 133 224



-- 
This message has been scanned for viruses and
dangerous content by OpenProtect(http://www.openprotect.com), and is
believed to be clean.


-- 
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe:    http://lists.mysql.com/[EMAIL PROTECTED]

Reply via email to