search

dtolabs / yana2

Yet Another Node Authority ... because you wanted an agile Real-Time Service Model (RTSM)
8 stars 1 forks source link

Encryption of attribute values in the database #160

Open ahonor opened 12 years ago

ahonor commented 12 years ago

Provide a means to declare that an attribute value be encrypted in the database.

gschueler commented 12 years ago

Some places to start looking:

gschueler commented 12 years ago

jasypt seems like a straightforward way to allow field-level encryption of certain fields, and external configuration of the encryption key.

Attribute could add an 'encrypted' boolean to flag whether the values need to be encrypted

For NodeValue we could perhaps add a subclass that has an 'encryptedValue' text field. Alternately we would have to modify NodeValue to have an 'encryptedValue' text field, and a boolean flag to indicate it should be used. Will have to experiment with the jasypt plugin to see how it treats nullable fields

ahonor commented 12 years ago

Great. Very encouraging.

On Aug 23, 2012, at 12:06 PM, Greg Schueler notifications@github.com wrote:

jasypt seems like a straightforward way to allow field-level encryption of certain fields, and external configuration of the encryption key.

Attribute could add an 'encrypted' boolean to flag whether the values need to be encrypted

For NodeValue we could perhaps add a subclass that has an 'encryptedValue' text field. Alternately we would have to modify NodeValue to have an 'encryptedValue' text field, and a boolean flag to indicate it should be used. Will have to experiment with the jasypt plugin to see how it treats nullable fields

— Reply to this email directly or view it on GitHub.