存储加密的个人信息 - 常识？ [英] Storing encrypted personal information - common sense?

问题描述

我们正在开发一个电子商务应用程序，将由我们的客户按月付款计划使用。

我们认为有关提供存储在数据库中的所有个人数据的加密，使我们的应用程序对最终消费者更加安全。

加密将在前端和后端完全透明，并确保即使有人获得纯粹的数据库访问，也不可能在没有加密密钥的情况下解密最终消费者的个人信息。

这是常识还是我们对于最终的客户而言，增加安全性可能会增加嚼口粮的难度？

解决方案

我可能会出来在这里我的深度，因为我不是一个安全专家，但这里有几个问题，请记住：

• 什么攻击者是否有机会访问数据？






• 攻击者可以从访问数据中获得什么？




• 如果攻击者获取数据访问权限，您或您的公司会失去什么？这不仅仅是数据，也可能是您的声誉。




• 多少会 cost 实现？




• 你是什么？ =http://www.wired.com/politics/security/news/2005/06/67845 =nofollow noreferrer>关于客户资料的法律义务




• 如果使用单一的全球密钥对数据进行加密，那么您如何保证密钥的安全？




• 真的很安全吗？如何使用它来加密和解密数据？




• 如果使用多个密钥加密数据（可能每个客户登录一个），如何如果客户丢失了密钥/密码，您是否可以恢复数据？




• 如果您能够恢复客户数据，那么这会影响其安全吗？ >




• 电脑维修技术人员，系统管理员等等，都要对您的数据库服务器，以及如何影响数据安全？ （不仅仅是外部黑客）




• 加密和解密的性能效果是什么？




• 还有什么其他机制，如防火墙，物理安全和员工审核？

这是英国FSA的报价您的
的责任客户数据安全（pdf）：

获取数据保护错误可以
带来商业，声誉，
监管和法律处罚。
正确的收取客户信任的
条款和
的信心。

We're in the middle of developing a e-commerce application that will be used by our customers on a pay-monthly-plan.

We have thought a bit about offering encryption of all personal data that is stored in the database, to make our application a notch safer to the final consumers.
The encryption would be handled completely transparent in both front and backend and make sure that even if someone would gain pure database access, it would be impossible to decrypt the personal details of the final consumers without the encryption key.

Is this common sense, or are we taking on a too big bite to chew compared to the increased safety this would add to the final customers?

解决方案

I might be out of my depth here, as I'm not a security expert, but here's a few questions that come to mind:

• What are the chances of an attacker gaining access to the data?

• Does the data contain anything confidential?

• What could an attacker stand to gain from accessing the data?

• What could you, or your company, stand to lose if an attacker gained access to the data? It's not just the data, it's potentially your reputation too.

• How much will it cost to implement?

• What are your legal obligations with regard to customer data?

• If data are encrypted using a single global key, how will you keep the key safe?

• If the key is really safe, how will you use it to encrypt and decrypt data?

• If data are encrypted using multiple keys (perhaps one for each customer login), how will you recover data if a customer loses their key/password?

• If you are able to recover customer data, how does that affect its safety?

• What access will computer repair technicians, sysadmins, etc., have to your database server, and how will that affect data security? (It's not just about external hackers).

• What are the performance effects of encryption and decryption?

• What other mechanisms, like firewalls, physical security and employee vetting can be put in place?

Here's a quote from the UK FSA Your responsibilities for customer data security (pdf):

Getting data protection wrong can bring commercial, reputational, regulatory and legal penalties. Getting it right brings rewards in terms of customer trust and confidence.

这篇关于存储加密的个人信息 - 常识？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！