I just finished a Column Converter plugin. It will allow you to store encrypted data in your backend database, and have Servoy automatically decrypt for viewing and editing. It uses Blowfish encryption and each column can have its own key.
It also allows you to use your own global methods to do any other type of conversion you may need, which can also be used as a Column Event if you wanted to do that. I haven’t done a ton of testing with it yet, so you can let me know if there are any problems.
More info at: http://www.servoyguy.com/servoy_compone … pro_plugin
Great!
Does it also handles searches transparently? I mean: can I freely search on that column and the plugin will take care of everything?
No, you can’t search an encrypted column since searches are done on the DB site. So, you would use it for password fields, or very sensitive information that shouldn’t be searched.
Exact searches could work if you encrypt the search string and search for that. But LIKE queries will not work.
That’s what I figured out, I’m having an hard time trying to encrypt a Name column while keeping the ability to search on that column.
Encrypting the database data poses many linitations (searches, indexes, etc), looks like the easiest way is to encrypt the table space or filesystem but then the key should reside on the server and doesn’t look secure at all.
Normally if the data is so sensitive that you want it to be encrypted, then you usually don’t want to allow it to be searched, as that could defeat the purpose to encrypting the data.
That’s true but there’s a law in Italy that enforces us to store sensitive data in encrypted format. By sensitive data I mean data related to health, sexual preference, political preference, religion, etc.
I’m now working on a project that implies storing patients data and to fulfill the requirements I have to store the patient name encrypted, since loosing the ability to perform LIKE searches on the patient name is not an option I’m evaluating the various options and so far the only one that looks doable is to encrypt the tablespace at filesystem level. I know that this is less secure that storing encrypted data inside the DB but it still complies with the law and it’s easier to implement.
The underlying DB will be Postgres or MySQL.
If someone have suggestions feel free to post.