topic Re: Data Encryption in Operating System - HP-UX

Data Encryption

Prabhu_9 — Tue, 04 Sep 2007 02:05:34 GMT

We need to store some Sensitive info in our Database (DB2). What kind of encryption methodology / logic that generally used for encrypting sensitive info like Credit card info, Social Security #, Account #/ PIN etc…?

What is the best practise to do the encryption?
Encrypt in ETL tool (datastage) or in database (DB2)?

Iam reading info on DES,AES. But how to call them from a ETL Tool? Does that mean a encrypt function provided by a ETL or DB will internally use these methods?

Please HELP. Thanks

Re: Data Encryption

tkc — Tue, 04 Sep 2007 04:10:20 GMT

how about this tool called EVFS ?

http://docs.hp.com/en/5991-5390/ch01s01.html

Re: Data Encryption

whiteknight — Tue, 04 Sep 2007 08:07:19 GMT

Hi

You can download this EVFS software for free.

http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=EVFS

Supported 11iv2 and 11iv3 onwards

WK
please assign points

Re: Data Encryption

Heironimus — Tue, 04 Sep 2007 11:43:54 GMT

There is no quick answer, it all depends on what data you're storing and how you're using it. If it's only used for comparisons you can use a one-way hash like SHA1. In some cases you want the application to encrypt data and store the ciphertext in the database, in other cases you want the database to handle the encryption. Some types of data can also be partially masked out instead of being hashed or encrypted. You probably need everything to be encrypted over the network, though.

If you're handling credit card information you really need to sit down and spend some time reading the PCI-DSS document because you'll probably be audited for compliance. Its guidelines are written specifically for handing cardholder data. Even if you're not doing payment cards many of the guidelines can be applied to other types of data.