| Subject | Re: Re: [firebird-support] Database Security |
|---|---|
| Author | Jim McKay |
| Post date | 2004-01-06T18:46:05Z |
Hello Geoff Worboys:
======= At 2004-01-06, 17:51:00 Geoff Worboys wrote: =======
key schema *drastically* improve perfomance. For
high volume transactions, encrypting volumes is too slow.
A number of DB's provide means to "plug-in" encryption
engine. Some provide Key/certificate/ASNxxx storage,
others do not. That (Key storage) is big issue AFAIC,
and capably addressed w/several well established &
proven RFCs.
existing DB, so we work w/what they've got.
Big percentage of 'em are Oracle/DB2. Since HIPAA took affect,
there has been big movement to encrypt DB's... 2+ years
ago, not so much the case. IBM has a standard for this
(ICSF) which works well.
It's ongoing process, and we've seen a lot of different
schemes, some native and a lot of 3rd party.
For HIPAA compliance, there's certification processes that
take a look @ this.
Best regards.
Jim McKay
JMcKay@...
2004-01-06 07:39:20
--
Outgoing mail is certified Virus Free.
Checked by AVG Anti-Virus (http://www.grisoft.com).
Version: 7.0.209 / Virus Database: 261.5.6 - Release Date: 1/2/2004
======= At 2004-01-06, 17:51:00 Geoff Worboys wrote: =======
>There are other ways that may be more convenient, but theseThose work. But record level and/or administrative level
>are inexpensive and offer high quality encryption. You just
>need an authorised person to load the volumes (supply the
>key) before database access can start.
key schema *drastically* improve perfomance. For
high volume transactions, encrypting volumes is too slow.
A number of DB's provide means to "plug-in" encryption
engine. Some provide Key/certificate/ASNxxx storage,
others do not. That (Key storage) is big issue AFAIC,
and capably addressed w/several well established &
proven RFCs.
>> I probably should say DB encryption happens to be of majorOur work is in hospitals. Almost always we connect to
>> importance for me. Most of our work these days is medical.
>> The fastest, slickest, fullest featured DB on the planet I
>> couldn't use if there was no encryption. I understand this
>> is not primary concern for many.
>
>Care to mention what DB it is? Just curious.
existing DB, so we work w/what they've got.
Big percentage of 'em are Oracle/DB2. Since HIPAA took affect,
there has been big movement to encrypt DB's... 2+ years
ago, not so much the case. IBM has a standard for this
(ICSF) which works well.
It's ongoing process, and we've seen a lot of different
schemes, some native and a lot of 3rd party.
For HIPAA compliance, there's certification processes that
take a look @ this.
>= = = = = = = = = = = = = = = = = = = =
>Yahoo! Groups Links
>
>To visit your group on the web, go to:
> http://groups.yahoo.com/group/firebird-support/
>
>To unsubscribe from this group, send an email to:
> firebird-support-unsubscribe@yahoogroups.com
>
>Your use of Yahoo! Groups is subject to:
> http://docs.yahoo.com/info/terms/
>
>
>
>
>--
>Incoming mail is certified Virus Free.
>Checked by AVG Anti-Virus (http://www.grisoft.com).
>Version: 7.0.209 / Virus Database: 261.5.6 - Release Date: 1/2/2004
>
>.
Best regards.
Jim McKay
JMcKay@...
2004-01-06 07:39:20
--
Outgoing mail is certified Virus Free.
Checked by AVG Anti-Virus (http://www.grisoft.com).
Version: 7.0.209 / Virus Database: 261.5.6 - Release Date: 1/2/2004