Subject | Re: [firebird-support] Re: Encryption and changing laws |
---|---|
Author | willy.bojit@btinternet.com |
Post date | 2010-03-08T22:55:20Z |
>> Financial requirements are that the data can only be read by
>> appropriate people and the system DBA is not (usually) one
>> of them. The DBA can access the data using any tools
>> available, but must only see encrypted values.
>This is a common problem - few businesses fully appreciate just
>how visible their data is to the system administrators and
>support personnel (often from other companies).
>Even your solution can be quite vulnerable: lots of study goes
>into retrieving data based on context; the ability to obtain
>copies of encrypted data over time can be used to help break
>the encryption; key management with inexperienced users can be
>a big problem.
(A bit off topic; sorry Helen) I do not claim that my solution is perfect, only that it meets certain requirements. The key thing is to read and understand the requirements at the outset.
Most financial systems will now require this as a minimum.
Back on topic, but on another tack, MS SqlServer allows for encryption of stored procedure statements. From a developer's perspective, this is a great benefit and one which I would love to see in Firebird. It is in fact one of only two reasons where I prefer SQLServer. There are of course other reasons for where I prefer Firebird.
wb