Gustav Brock
Gustav at cactus.dk
Fri Sep 7 05:13:40 CDT 2007
Hi Arthur Yes, a simple but extremely efficient method is to encrypt at the field level. Then, even with access to the tables, no information can be read. I've used that for mdb files sent over the Internet thus eliminating the need for VPN or encrypted mail. Here's the header info: ' PC1 Cipher 128-bit key ' (c) Alexander Pukall 1991 ' Can be used freely even for commercial applications ' ' MS Access 97 version by ' Gustav Brock, Cactus Data ApS ' gustav at cactus.dk ' ' 2002-03-09. V1.0 ' Initial port from Visual Basic. ' 2002-06-23. V1.1 ' Code clean up and constants added. ' Redundant code removed. ' Modified to fully comply with VB datatypes. ' Modified to not crash for certain passwords. ' Modified for high speed conversion of long strings ( > 32K). ' 2002-06-24. V1.2 ' Functions added for en/decrypting to/from binary strings. ' Usage: ' SetPassword(password) sets password prior to en/decryption. ' GetPassword() retrieves current password. ' StrEncrypt(DecryptedString) returns encrypted ascii string. ' StrDecrypt(EncryptedString_ascii) returns decrypted string. ' StrEncryptBin(DecryptedString) returns encrypted binary string. ' StrDecryptBin(EncryptedString_binary) returns decrypted string. ' ' Encrypted ascii string is twice the length of the decrypted string. ' Encrypted ascii string contains low ascii chars from a to p only. ' Encrypted binary string is same length as the decrypted string. ' Encrypted binary string may contain any char including Chr(0). ' Password may contain any ascii char including Chr(0). ' Password is maintained in global variable strPC1Password16. I've posted the full module previously: http://databaseadvisors.com/pipermail/dba-tech/2005-February/003711.html /gustav >>> fuller.artful at gmail.com 07-09-2007 11:23 >>> This would appear to be an appropriate thread in which to present my question, rather than beginning a new thread. The app I have just developed is for a very small market niche (in fact, so far as I have determined, said niche contains only one competitor, and my client is so unhappy with said competitor's product that she commissioned me to write a replacement). All that aside, there is the issue of credit cards. It's simple enough to mask the content of the credit card column so that only the last four numbers show, but the data is still there, naked as it were, and subject to the aforementioned "link tables" attack. This app uses an MDB as its back end (so far). I know what to do if the BE is SQL Server (encrypt the column), but I am not sure what to do in the case of an MDB BE. The firm's accountant is concerned with this data being potentially available to leakage (either a disgruntled employee or an internet penetration). Perhaps a code algorithm to scramble and unscramble the numbers will suffice. I'm not sure. Any thoughts from the esteemed readership here? A.