Subject Re: Re: [firebird-support] Database Security
Author Jim McKay
Hello Geoff Worboys:

======= At 2004-01-06, 17:51:00 Geoff Worboys wrote: =======

>There are other ways that may be more convenient, but these
>are inexpensive and offer high quality encryption. You just
>need an authorised person to load the volumes (supply the
>key) before database access can start.

Those work. But record level and/or administrative level
key schema *drastically* improve perfomance. For
high volume transactions, encrypting volumes is too slow.

A number of DB's provide means to "plug-in" encryption
engine. Some provide Key/certificate/ASNxxx storage,
others do not. That (Key storage) is big issue AFAIC,
and capably addressed w/several well established &
proven RFCs.

>> I probably should say DB encryption happens to be of major
>> importance for me. Most of our work these days is medical.
>> The fastest, slickest, fullest featured DB on the planet I
>> couldn't use if there was no encryption. I understand this
>> is not primary concern for many.
>Care to mention what DB it is? Just curious.

Our work is in hospitals. Almost always we connect to
existing DB, so we work w/what they've got.
Big percentage of 'em are Oracle/DB2. Since HIPAA took affect,
there has been big movement to encrypt DB's... 2+ years
ago, not so much the case. IBM has a standard for this
(ICSF) which works well.

It's ongoing process, and we've seen a lot of different
schemes, some native and a lot of 3rd party.

For HIPAA compliance, there's certification processes that
take a look @ this.

>Yahoo! Groups Links
>To visit your group on the web, go to:
>To unsubscribe from this group, send an email to:
>Your use of Yahoo! Groups is subject to:
>Incoming mail is certified Virus Free.
>Checked by AVG Anti-Virus (
>Version: 7.0.209 / Virus Database: 261.5.6 - Release Date: 1/2/2004
= = = = = = = = = = = = = = = = = = = =

Best regards.
Jim McKay
2004-01-06 07:39:20

Outgoing mail is certified Virus Free.
Checked by AVG Anti-Virus (
Version: 7.0.209 / Virus Database: 261.5.6 - Release Date: 1/2/2004