Hi Greg,
We have developed a few encryption suites using OpenROAD code. Each case
has very specific requirements. Check if any of these match your
requirements.
- EFT authorisations. The Accounts clerk creates a batch and codes it
with a random key or can choose a system generated key. The manager must
approve the batch with a matching private key. The data is stored in
plain text but the authorisation routine checks the data against the key
and a checksum to make sure there are no changes. Each manager has
their own key and the keys have an inbuilt expiry date. eg:
Generate Payment batch. Clerk enters ABCDEFGH
Approve Payment batch. Manager enters XCRTGDSA
- Creditcard information. Two way encryption for encoding sensitive
customer information. There is OpenROAD and SQL implementations for the
encryption and decryption. The routine is driven by a seed value which
can be unique for each customer/document etc. In order to allow the
encrypted data to be searchable, you can soften the encryption by using
a constant seed. In my implementation (mssql) I use insert triggers on
the table to encrypt the data automatically.
lv_EncryptedCard = p4_encrypt( Li_Customer, Lv_CreditCard );
select customer_no, decrypt(customer_no, CreditCard) from payments
- MD5 checksum to ensure authenticity of payment transactions. The md5
encryption routine written in C. Single call to encrypt a piece of
text. eg
Lv_Encrypted = md5sig( Lv_PlainText);
- Payment batches sent via FTP. Encrypted with PGP via operating system
call. Public key / private key coded to individual user on particular
machine. Eg:
CALL SYSTEM 'start c:\utils\pgp.bat ' + Lv_Myfile;
CALL SYSTEM 'start c:\utils\send_via_ftp.bat ' + Lv_Myfile + '.PGP';
Regards
Paul White
Peerless IT
________________________________
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Greg Wilding
Sent: Tuesday, 17 April 2007 7:06 AM
To: OpenRoad user list
Subject: [Openroad-users] Column Encryption
Does anybody run any internal/third party Encryption tools
against OpenROAD to Encrypt/De-encrypt a database column either using a
code based solution or a public/private key pair
Thanks
Greg Wilding
OpenROAD Developer
ING Australia
Business Technology - Life Risk & Direct Insurances
Level 5, 68 Pitt Street SYDNEY 2000
T (02) 8238 3390, F (02) 8238 3671
E [EMAIL PROTECTED]
IMPORTANT NOTICE
This communication including any file attachments is intended
solely for the use of the individual or entity to whom it is addressed.
If you are not the intended recipient, or the person responsible for
delivering this communication to the intended recipient, please
immediately notify the sender by e-mail and delete the original
transmission and its contents. Any unauthorised use, dissemination,
forwarding, printing, or copying of this communication including any
file attachments is prohibited.
It is your responsibility to scan this communication including
any file attachment for viruses and other defects. To the extent
permitted by law, ING and its associates will not be liable for any loss
or damage arising in any way from this communication including file
attachments.
_______________________________________________
Users mailing list
Users@lists.ingres.com
http://lists.ingres.com/mailman/listinfo/users
