Re: [UPHPU] store sensitive data in mysql + php web application

Tue, 30 Jun 2009 12:07:30 -0700 


--- On Tue, 6/30/09, Richard K Miller <[email protected]> wrote:

> From: Richard K Miller <[email protected]>
> Subject: Re: [UPHPU] store sensitive data in mysql + php web application
> To: "CarSign" <[email protected]>
> Cc: "UPHPU" <[email protected]>, "Mac Newbold" <[email protected]>
> Date: Tuesday, June 30, 2009, 12:38 PM
> >> Good question.  But as
> is often the case when management is asked about these
> things - they say yes :)
> > 
> > One way to combat that is to help make clear to them
> how big of a problem it would be if your social security
> numbers database was compromised. Think of the PR nightmare,
> liability, litigation, possibly even jail time if there's
> something criminal about their improper handling of the
> data.
> > 
> > That said, if you really do need the data, and your
> web site/web app needs to be able to decrypt it, then you're
> kinda hosed no matter what. If your web server can decrypt
> it, then anyone compromising your web server will be able to
> decrypt it. Even storing it someplace PCI compliant like
> authorize.net won't protect you, because your web server
> would have to have the login credentials to access your PCI
> compliant data store, so anyone getting into your server
> could get into your data store too.
> > 
> 

I thought that I might be hosed. I like the idea of encrypting using the users 
password the best.


> Wesabe.com (personal finance tool) has an interesting
> privacy model. They use a one-way hash of the user's
> username AND password as the foreign key to the user's
> transactions. If someone were to break into their database,
> they'd find a table of usernames and a table of transactions
> but no way to connect them. When I've emailed them for
> support, they ask me to generate a security token and send
> it to them so they can temporarily access my account.
> 
> http://blog.footle.org/2007/02/22/protecting-your-users-data-with-a-privacy-wall/
> 
> I'm sure it's as comforting to them, as to me, that they've
> limited their potential liability.
> 

That is an interesting approach.  What do they do if you have lost your 
password?




      


_______________________________________________

UPHPU mailing list
[email protected]
http://uphpu.org/mailman/listinfo/uphpu
IRC: #uphpu on irc.freenode.net























					Reply via email to