What is the best way to keep database data encrypted with user passwords?

Posted by Dan Sosedoff on Stack Overflow See other posts from Stack Overflow or by Dan Sosedoff
Published on 2009-12-08T16:56:58Z Indexed on 2010/05/22 21:40 UTC
Read the original article Hit count: 201

Filed under:
|
|
|

Let's say an application has really specific data which belongs to a user, and nobody is supposed to see it except the owner. I use MySQL database with DataMapper ORM mapper. The application is written in Ruby on Sinatra.

Application behavior:

  1. User signs up for an account. Creates username and password.
  2. Logs into his dashboard.
  3. Some fields in specific tables must be protected.

Basically, I'm looking for auto-encryption for a model properties. Something like this:

class Transaction
  include DataMapper::Resource

  property :id, Serial
  property :value, String, :length => 1024, :encrypted => true
  ... etc ...
  belongs_to :user
end

I assume that encryption/decryption on the fly will cause performance problems, but that's ok. At least if that works - I'm fine.

Any ideas how to do this?

© Stack Overflow or respective owner

Related posts about ruby

Related posts about database