> amount of clinical/social information about paediatric HIV/AIDS patients.
It
> was an SQL Server - based system with all sensitive data stored and
> transferred to workstations encrypted using 128bits encryption. (Decoding
> happens only at the workstation). I'm trying to find out exactly how it
was
> done.
>
> Does anybody have knowledge of similar 128bits encryption tools that would
> work with ANY sql-compliant DBMS (no runtime licenses, obviously), and in
> particular with MS Access?
>
> (Pls note that I'm NOT asking about systems that would also satisfy all
> kinds of legal requirements etc - the crucial target is to protect patient
> data against e.g. theft of PCs).
Yep. You can use Peter Gutmans cryptlib, or Wei Deis crypto++ library, or
use the gnu privacy guard. The latter two are absolutely free and work with
any sql compliant DBMS as long as it can call either external "user defined"
modules or system calls ("exec").
However, the sql server should be completely oblivious about the crypto
stuff for your purposes. It is the clients who do the encryptions /
decryption, then you don't have to worry about the data transport between
client and server. I highly recommend crypto++ or the gnu privacy guard for
this purpose.
Horst
