List:General Discussion« Previous MessageNext Message »
From:Dan Nelson Date:June 28 2000 4:58am
Subject:Re: Here's a suggestion for a better Encode/Decode method.
View as plain text  
In the last episode (Jun 27), Daevid Vincent said:
> I have to say I'm very displeased with the whole way I *had* to build
> the database. It seems to me that security in databases should be
> paramount, and the ENCODE/DECODE functions feel like an afterthought.
> Like, "oh yeah, let's just slap this stuff in and have it only work
> on strings!". 

I don't know of any database engine that supports encryption of
arbitrary columns like that.  Security in Mysql is enforced by the
grant tables, and can be adjusted down to the column level.  Note that
this is exactly how Oracle handles permissions as well, and no-one's
complaining about *its* security.

Also, separately encrypting each column means you're going to have to
do full table scans for all your queries.  If mysqld can't get at the
column data, it can't index it.

-- 
	Dan Nelson
	dnelson@stripped
Thread
Here's a suggestion for a better Encode/Decode method.Daevid Vincent28 Jun
  • Re: Here's a suggestion for a better Encode/Decode method.Dan Nelson28 Jun
    • RE: Here's a suggestion for a better Encode/Decode method.Daevid Vincent28 Jun
  • RE: Here's a suggestion for a better Encode/Decode method.Carsten H. Pedersen28 Jun
    • Re: Here's a suggestion for a better Encode/Decode method.Mike Wexler28 Jun
    • RE: Here's a suggestion for a better Encode/Decode method.Daevid Vincent28 Jun
      • Re: Here's a suggestion for a better Encode/Decode method.Benjamin Pflugmann29 Jun
        • RE: Here's a suggestion for a better Encode/Decode method.Daevid Vincent2 Jul