-->
These old forums are deprecated now and set to read-only. We are waiting for you on our new forums!
More modern, Discourse-based and with GitHub/Google/Twitter authentication built-in.

All times are UTC - 5 hours [ DST ]



Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 5 posts ] 
Author Message
 Post subject: postgresql + hibernate - encrypt columns
PostPosted: Tue Jun 09, 2009 6:32 pm 
Newbie

Joined: Mon Mar 27, 2006 7:46 pm
Posts: 17
I have some sensitive data i am storing such as credit card numbers. What is the standard method of encrypting the data when it is stored in my postgresql database?


Top
 Profile  
 
 Post subject: Re: postgresql + hibernate - encrypt columns
PostPosted: Wed Jun 10, 2009 1:49 am 
Beginner
Beginner

Joined: Fri Feb 13, 2009 5:27 am
Posts: 36
Location: India
Jasypt provides an integration package (org.jasypt.hibernate.type) which provides several Hibernate UserType implementations to allow one or several of the properties in a mapped Hibernate entity to be declared as being of an encrypted type


Site:- http://www.jasypt.org/hibernate3.html

ok..

rate me if possible........

_________________
parag


Top
 Profile  
 
 Post subject: Re: postgresql + hibernate - encrypt columns
PostPosted: Wed Jun 10, 2009 10:02 am 
Newbie

Joined: Tue Jun 09, 2009 10:52 pm
Posts: 9
Quote:
What is the standard method of encrypting the data when it is stored in my postgresql database?


I don't know if there is a real standard way of doing this since some DBAs want there data encrypted directly in the database with a stored key in the database. (*rant* By the way not secure, the key should never be stored with the data.) I am making an assumption on your question that you would like the data stored encrypted and then decrypted once the data is queried so that your application is able to process payments as such. If this is the case I am guessing the Jasypt would probably help, but I can't speak to much to it since I've never used it. Another way of implementing your own encrypt/decrypt methods would be to implement the Hibernate Interceptor interface to read/modify the bean's encrypted field before insert/update and after select before the data is returned. If this is what you are looking for let me know and I might have a little time to work up a simple example.


Top
 Profile  
 
 Post subject: Re: postgresql + hibernate - encrypt columns
PostPosted: Wed Jun 10, 2009 11:09 am 
Beginner
Beginner

Joined: Mon Jun 01, 2009 5:39 am
Posts: 34
dcshock wrote:
Quote:
What is the standard method of encrypting the data when it is stored in my postgresql database?


(*rant* By the way not secure, the key should never be stored with the data.)


OK, but what safer place, apart from a tape, is there than a reliable database engine to store data (yes, that means MySQL gets out of the picture here)? Of course, it also means that access to the database server is strictly controlled. It should be, anyway.

What's more, for any operations that require a filter on the column, if you don't allow the data to be decrypted on the database side, it is up to your application to do the filtering. Not a good choice.


Top
 Profile  
 
 Post subject: Re: postgresql + hibernate - encrypt columns
PostPosted: Wed Jun 10, 2009 2:44 pm 
Newbie

Joined: Tue Jun 09, 2009 10:52 pm
Posts: 9
Quote:
it is up to your application to do the filtering. Not a good choice.


I differ strongly on the above opinion. If you store the data and key in the database anyone that is able to get access to a backup or the server has the data. Why encrypt data that can be easily accessed by anyone that is able to access the box? The consumer of the data should be able to decrypt it separately so that the data is truly secure.

Obviously someone has to hold the key.


Top
 Profile  
 
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 5 posts ] 

All times are UTC - 5 hours [ DST ]


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
cron
© Copyright 2014, Red Hat Inc. All rights reserved. JBoss and Hibernate are registered trademarks and servicemarks of Red Hat, Inc.