On Tuesday 15 March 2005 13:01, Brian Henning wrote: > Hi Guys, > It's becoming inevitable that my employer is going to ask me to add > the ability to store credit card numbers to a point-of-sale application > I've been developing. I've been steadfastly refusing to do so thus far > because I don't want the security responsibility for the data... But > it's become clear that we really do need to be able to retrieve the data > to do things like process RMA credits and whatnot. > > So my question is... What encryption scheme should I be studying? I > really don't know a lot about encryption.. Here are the requirements I > have for whatever method you folks suggest. > > - Easily integrated into the application as it is. Something that could > live in a MySQL field or two would be optimal. > - Reversable, obviously. > - Reasonably secure against decryption by Bad Guys. > - Reasonably easy to work with in Java. > > The MySQL server doesn't answer requests outside the local net, but I > have to assume that there's a chance someone could get in and see the > raw table data.. > > So. Suggestions? > > Thanks! > ~Brian
I Just read this article, It's oracle specific, but the ideas should be applicable. http://www.oracle.com/technology/oramag/oracle/05-jan/o15security.html Ron -- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
