From: Vikram&nbsp;A
Date: June 17 2011 6:53am
Subject: Re: Encoding "Table Name" and "Filed Name"
List-Archive: http://lists.mysql.com/mysql/225280
Message-Id: <686285.76191.qm@web137407.mail.in.yahoo.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="0-781805660-1308293636=:76191"

--0-781805660-1308293636=:76191
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: quoted-printable

Sir,=0A=0AI agree, its impossible to do=A0manual=A0look ups. But our aim is=
 to avoid the use of DB with out code. Also we have ensured, 'secret data i=
s encrypted using some functions with key'.=A0=0A=0AI shall follow both enc=
ode i.e, =A01) filed and table name, 2) data level? Or only data level is e=
nough by having accounts as you suggested?=0A=0AThanks You.=A0=0AVikram=0A=
=0A________________________________=0AFrom: Johan De Meersman <vegivamp@tux=
era.be>=0ATo: Vikram A <vikkiatbipl@stripped>=0ACc: MY SQL Mailing list <my=
sql@stripped>=0ASent: Friday, 17 June 2011 11:50 AM=0ASubject: Re: E=
ncoding "Table Name" and "Filed Name"=0A=0A=0A----- Original Message -----=
=0A> From: "Vikram A" <vikkiatbipl@stripped>=0A>=0A> My question is, DO i f=
ace any negative project=A0management problems by=0A> doing this? Pleas sha=
re your=A0experience=A0on this aspect and commend=0A> our idea.=0A=0ASeems.=
.. a bit pointless, no? If someone has access to the database, they can sti=
ll see the data. If someone has access to the code, they can still figure o=
ut the naming scheme. If, for some reason, you have to do manual lookups (t=
hink debugging, custom reporting, ...) you're making your own life hard.=0A=
=0AIf you don't want people to see your data, manage your accounts. If peop=
le leave, delete their accounts. Make sure your code prevents SQL injection=
s (use bind variables and so on). Firewall off your server from everything =
but the application server. Et cetera ad nauseam.=0A=0AThere's plenty of se=
curity recommendations, but I've never heard of anyone encrypting their tab=
le and field names. It sounds like something upper management would come up=
 with :-)=0A=0A=0A--=0ABier met grenadyn=0AIs als mosterd by den wyn=0ASy d=
ie't drinkt, is eene kwezel=0AHy die't drinkt, is ras een ezel=0A=0A--=0AMy=
SQL General Mailing List=0AFor list archives: http://lists.mysql.com/mysql=
=0ATo unsubscribe:=A0 =A0 http://lists.mysql.com/mysql?unsub=3Dvikkiatbipl@=
yahoo.in
--0-781805660-1308293636=:76191--