Mysql Encryption and Key managment

Posted by microchasm on Server Fault See other posts from Server Fault or by microchasm
Published on 2010-04-30T15:28:09Z Indexed on 2010/04/30 15:39 UTC
Read the original article Hit count: 228

Filed under:
|

I am developing a local intranet system in PHP/MySQL to manage our client data. It seems that the best practice would be to encrypt the sensitive data on the MYSQL server as it is being entered.

I am not clear, though, on what would be the best way to do this while still having the data readily accessible.

It seems like a tough question to answer: where is the key(s) stored? How to best protect the key? If the key is stored on each users' machine, how to protect it if the machine is exploited? If the key is exploited, how to change the key?

If the key is to be stored in the db, how to protect it there? How would users access it?

If anyone could point me in the right direction, or give some tips I'd be very grateful.

Thanks.

© Server Fault or respective owner

Related posts about mysql

Related posts about encryption