home *** CD-ROM | disk | FTP | other *** search
- Newsgroups: comp.databases.ingres
- Path: sparky!uunet!zaphod.mps.ohio-state.edu!howland.reston.ans.net!spool.mu.edu!agate!ames!pacbell.com!rtech!ingres!camidei
- From: camidei@Ingres.COM (Chris Amidei)
- Subject: Re: Encryption
- Message-ID: <1993Jan12.165144.15035@pony.Ingres.COM>
- Organization: Ingres, an ASK Company, Alameda CA 94501
- X-Newsreader: Tin 1.1 PL3
- References: <1993Jan8.170939.9261@advtech.uswest.com>
- Date: 12 Jan 93 16:51:44 GMT
- Lines: 30
-
- crb@advtech.uswest.com (Chris Renck) writes:
- : We are developing a application which is going to contain salary information,
- : and I was wondering if anyone has any suggestions on how the salary field
- : can be encrypted or secure so only authorized people can see it. Our Human
- : Resources Dept does not even wants us (the Ingres developers) to be able to
- : see what data is in this field.
- :
-
- How about taking a queue from Unix and the Shadow Password concept. User
- information that is viewable is stored in one file that everyone can read
- while other information that should not be viewable by everyone (ie. passwords)
- is stored in another file only readable by those who need the information.
-
- With Ingres, the same can be done. One table contains globably viewable
- information, the other would contain salary information that is viewable only
- by those who should. Create database procedures to add, remove and modify
- employees, thus helping to ensure integrity.
-
- For Applications, make the salary display field 'invisible' to those who should
- not see the information.
-
- Or, you could create a view through which most users access data through.
- This view would NOT contain the salary column.
-
- --
- The last thing the bungee jumper heard: Gee, I thought I was next?
- ------------------------------------------------------------------------
- Chris Amidei | E-mail: camidei@ingres.com
- Instructor | Phone: (510)748-3261 - my desk
- Ingres, an Ask Company | : (510)769-1400 - main line
-
