Re: DMZ databases

[Ryan Russell <ryan () securityfocus com>]

On Wed, 29 Mar 2000, Scott, Richard wrote:

> Greetings all,
>
> I was wondering what forms of database security anyone out there is
> currently recommending for Customer held information in public databases.
> One example could be Social Security numbers, another would be Credit Cards
> information and so on.
> I have seen some solutions use the SQL encrypt/decrypting (e/d) of a stored
> procedure to access this information.  However, in the even that the SQL box
> is compromised internally, this isn't affective.  Using symmetric
> encryption is the problem.  Where do we store the keys, and if we write a
> procedure to e/d the data., surely this could be executed by the person
> compromising the Database.

Depends on what you need to do with the data.  If you need the data in the
clear, then the app needs to be able to decrypt it, no way around it.  For
example, if you're trying to allow customers to make purchases via credit
card, and not have to re-enter the card each time, then someone has to
store the card number somewhere.  Some places would like that to be on a
credit card clearing service's server, on the assumption that they are
more careful with that stuff.

If you only need to verify or look up based on the customer giving you a
SSN or CC# each time they come in, ala a password, then you can store a
hash of it.

                                Ryan