[Openroad-users] Column Encryption

Paul White pwhite at peerlessit.com.au
Thu Apr 26 18:53:21 EST 2007 

Hi Greg,
 
We have developed a few encryption suites using OpenROAD code. Each case
has very specific requirements.  Check if any of these match your
requirements.
 
 
- EFT authorisations.  The Accounts clerk creates a batch and codes it
with a random key or can choose a system generated key. The manager must
approve the batch with a matching private key. The data is stored in
plain text but the authorisation routine checks the data against the key
and a checksum to make sure there are no changes.  Each manager has
their own key and the keys have an inbuilt expiry date. eg:
 
Generate Payment batch.  Clerk enters ABCDEFGH
Approve Payment batch. Manager enters XCRTGDSA
 
 
- Creditcard information.  Two way encryption for encoding sensitive
customer information.  There is OpenROAD and SQL implementations for the
encryption and decryption.  The routine is driven by a seed value which
can be unique for each customer/document etc.  In order to allow the
encrypted data to be searchable, you can soften the encryption by using
a constant seed. In my implementation (mssql) I use insert triggers on
the table to encrypt the data automatically.
 
lv_EncryptedCard = p4_encrypt( Li_Customer, Lv_CreditCard );
select customer_no, decrypt(customer_no, CreditCard) from payments 
 
 
- MD5 checksum to ensure authenticity of payment transactions. The md5
encryption routine written in C.  Single call to encrypt a piece of
text. eg
 
Lv_Encrypted = md5sig( Lv_PlainText);
 
 
- Payment batches sent via FTP.  Encrypted with PGP via operating system
call. Public key / private key coded to individual user on particular
machine. Eg:
 
CALL SYSTEM 'start c:\utils\pgp.bat ' + Lv_Myfile;
CALL SYSTEM 'start c:\utils\send_via_ftp.bat ' + Lv_Myfile + '.PGP';
 
 
Regards
 
Paul White
Peerless IT
 

________________________________

	From: openroad-users-bounces at peerlessit.com
[mailto:openroad-users-bounces at peerlessit.com] On Behalf Of Greg Wilding
	Sent: Tuesday, 17 April 2007 7:06 AM
	To: OpenRoad user list
	Subject: [Openroad-users] Column Encryption
	
	

	Does anybody run any internal/third party Encryption tools
against OpenROAD to Encrypt/De-encrypt a database column either using a
code based solution or a public/private key pair

	Thanks 

	Greg Wilding 
	OpenROAD Developer 
	ING Australia 
	Business Technology - Life Risk & Direct Insurances 
	Level 5, 68 Pitt Street SYDNEY 2000 
	T  (02) 8238 3390, F (02) 8238 3671 
	E greg.wilding at ing.com.au 


	
	
	IMPORTANT NOTICE
	This communication including any file attachments is intended
solely for the use of the individual or entity to whom it is addressed.
If you are not the intended recipient, or the person responsible for
delivering this communication to the intended recipient, please
immediately notify the sender by e-mail and delete the original
transmission and its contents. Any unauthorised use, dissemination,
forwarding, printing, or copying of this communication including any
file attachments is prohibited.
	
	It is your responsibility to scan this communication including
any file attachment for viruses and other defects. To the extent
permitted by law, ING and its associates will not be liable for any loss
or damage arising in any way from this communication including file
attachments.
	

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://peerlessit.com/pipermail/openroad-users/attachments/20070426/571e0032/attachment.html

More information about the Openroad-users mailing list