[interesting] Database Encryption

Robert Brenstein rjb at rz.uni-potsdam.de
Wed Jan 22 14:47:58 CST 2003


>on 1/22/03 3:00 PM, Robert Brenstein at rjb at rz.uni-potsdam.de wrote:
>
>>  But from your earlier posts I gather that DATA above means data in
>>  the current records/fields only. If I understood that correctly, then
>>  records that are deleted still contain data that may be private but
>>  becomes exposed now since they are not encrypted anymore.
>
>No Robert,
>
>We describe here other issue.
>
>IF you have work e.g. Month with your db,
>You have delete records, and LATER you decide encrypt db,
>
>DATA of deleted record will not be encrypted, because Valentina consider it
>as EMPTY space and do not spend time on its encryption.
>

So you are saying that if encryption is in place, deletion does not 
expose any data? I must have then misunderstood an earlier post.

Even in the situation you describe, I am not sure whether your 
decision to leave the old data open is correct. When one develops a 
db for encrypted distribution, one does not have to have it encrypted 
from the beginning, so the scenerio you describe may be quite common. 
May be the encryption function should recognize when the encryption 
is done the first time and nullify non-encrypted records/fields 
automatically (making the empty space really empty). I can't imagine 
situations when this would not be appropriate.

Robert


More information about the Valentina mailing list