Working with an encrypted database |
(05-17-2019, 09:07 AM)jhob Wrote: Although further issue is if encryption key is stored on the server as plain text, as it would be with CI encryption library, and the server is then compromised, attacker would have the key required to decrypt the contents of the database. Are there any solutions that can help to guard against that? If they gain that kind of access there isn't anything they cannot do. If they have unrestricted access to the webserver files they likely have the same access for the entire server meaning there isn't any place a key can be stored where it is secure. (Scary eh?) But encrypting the database will pevent them getting usable data in the event of a successful attack the gets them into the database only. |
Messages In This Thread |
Working with an encrypted database - by jhob - 05-17-2019, 02:37 AM
RE: Working with an encrypted database - by dave friend - 05-17-2019, 04:57 AM
RE: Working with an encrypted database - by jhob - 05-17-2019, 09:07 AM
RE: Working with an encrypted database - by dave friend - 05-17-2019, 10:49 AM
RE: Working with an encrypted database - by includebeer - 05-17-2019, 03:39 PM
RE: Working with an encrypted database - by php_rocs - 05-17-2019, 05:41 AM
RE: Working with an encrypted database - by jhob - 05-17-2019, 09:08 AM
|