I read a comment that when doing the data encryption at the database level as opposed to the application level, some of the data will linger in its raw plain text format in the logs. True or false? And is it something I should worry about?

+1  A: 

Yes. For example, a credit card number query may be printed in a log. You must disable or selectively log to prevent this from happening.

mcandre
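One way to do the selective logging described in the answer above, as an added example that is not part of the original thread: a Python `logging` filter that masks Luhn-valid card numbers in statement text before a handler writes it. The logger name, table and column names, and sample statements are constructed for illustration.

```python
import io
import logging
import re

# Candidate card numbers: 13-19 digits, optionally separated by single spaces or dashes.
PAN_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")

def luhn_ok(digits: str) -> bool:
    """Luhn checksum, so order ids and timestamps are not masked by mistake."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def mask_pans(text: str) -> str:
    """Replace each Luhn-valid card number with a mask that keeps the last 4 digits."""
    def repl(m):
        digits = re.sub(r"\D", "", m.group())
        if not luhn_ok(digits):
            return m.group()
        return "*" * (len(digits) - 4) + digits[-4:]
    return PAN_RE.sub(repl, text)

class PanRedactingFilter(logging.Filter):
    """Masks card numbers in the fully formatted message before it is emitted."""
    def filter(self, record):
        record.msg = mask_pans(record.getMessage())
        record.args = None  # message is already formatted, args must not be re-applied
        return True

def demo():
    """Log constructed query lines through the filter and return what was written."""
    buf = io.StringIO()
    handler = logging.StreamHandler(buf)
    handler.addFilter(PanRedactingFilter())
    log = logging.getLogger("query_log_demo")  # hypothetical logger name
    log.handlers[:] = [handler]
    log.setLevel(logging.INFO)
    log.propagate = False
    # Constructed sample statements; 4111111111111111 is a standard test card number.
    log.info("SELECT * FROM cards WHERE pan = '%s'", "4111111111111111")
    log.info("UPDATE cards SET pan='4111-1111-1111-1111' WHERE order_id=1234567890123456")
    return buf.getvalue().splitlines()
```

This covers only logs the application itself writes; the database server's own statement logging is configured separately.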
+1  A: 

Ok,

Well, if you do data encryption at the database level, this means you're transferring the data in cleartext over the various channels, routers, and into the application.

So in order to make it secure, you'd have to secure every channel from end-to-end which obviously creates a bigger security risk. Especially since you do not have control over every node and channel from your database to your application in general.

That is why, in my opinion, you should do the encryption at the application level (server side to avoid tampering) and send that over the wire. No matter what happens in the middle, you'll be assured that your data is still safe.

Note: Even if DB and Application reside on the same server, this is still valid as you may consider the possible direct connection between the application and the DB as a channel.

Kind Regards,

Trefex
This is why there's SSL to secure the data while being transmitted. It sounds like the OP is asking about something else, addressed more accurately by mcandre's answer.
Kamo
Well, if the data is decrypted before being sent through the SSL channel, the data could still be logged at every single point before entering the tunnel. This means Database Logs, Web Server Logs, Server Logs, etc. So I don't think my answer is too far off?
Trefex