All,



does any version of Ingres have the ability to internally encrypt a
column.



Regards



Gregory Wilding

Enterprise Services
ING Australia
Level 6, 347 Kent Street, SYDNEY. 2000

T (02) 9234 7435
F (02) 9234 6977
E greg.wilding (AT) ing (DOT) com.au <mailto:greg.wilding (AT) ing (DOT) com.au>




Important notice
This communication, including any file attachments, is intended solely for the use of the individual or entity to whom it is addressed. If you are notthe intended recipient, or the person responsible for delivering this communication to the intended recipient, please immediately notify the sender by email and delete the original transmission and its contents. Any unauthorised use, dissemination, forwarding, printing, or copying of this communication including any file attachments is prohibited.
It is your responsibility to scan this communication including any file attachment for viruses and other defects. To the extent permitted by law, ING Australia Limited and its associates will not be liable for any loss or damage arising in any way from this communication including file attachments.

Hello ,

No not possible at this time, this will come with Ingres 10.

Regards.


--
magxa01

'At-Rest' encryption is on the Ingres 10 product road map. Should be
available mid this year with Ingres release 10. This is a big deal and
has a lot of visibility within/outside the company. I am personally
looking forward to it as well.

Tyler


--
tyler.mcgraw (AT) ingres (DOT) com
------------------------------------------------------------------------
tyler.mcgraw (AT) ingres (DOT) com's Profile: http://community.ingres.com/forum/me...hp?userid=5445
View this thread: http://community.ingres.com/forum/sh...ad.php?t=11685

Ditto, This is probably more useful to me than MVCC!

Martin Bowes

-----Original Message-----
From: Ingres Forums [mailto:info-ingres (AT) kettleriverconsulting (DOT) com]
Sent: Tue 23/02/2010 18:17
To: info-ingres (AT) kettleriverconsulting (DOT) com
Subject: Re: [Info-Ingres] Column Encryption


'At-Rest' encryption is on the Ingres 10 product road map. Should be
available mid this year with Ingres release 10. This is a big deal and
has a lot of visibility within/outside the company. I am personally
looking forward to it as well.

Tyler


--
tyler.mcgraw (AT) ingres (DOT) com
------------------------------------------------------------------------
tyler.mcgraw (AT) ingres (DOT) com's Profile: http://community.ingres.com/forum/me...hp?userid=5445
View this thread: http://community.ingres.com/forum/sh...ad.php?t=11685

_______________________________________________
Info-Ingres mailing list
Info-Ingres (AT) kettleriverconsulting (DOT) com
http://ext-cando.kettleriverconsulti...fo/info-ingres

Martin Bowes wrote:
Why?

A database's job is to keep data. One might argue that "protect" is part
of "keep", and that access control is part of a database server's job.

But I don't understand the enthusiam for encryption in the database. It's
a little like asking the fire department to burn down the house.*Data
properly protected don't need to be encrypted.

--jkl

James K. Lowden wrote:

It will depend on what we each mean by encryption, and what we expect
from it. I do firmly believe that putting anything in a database is the
first step to releasing it into the wild. If you really, really want to
keep something confidential, either don't put it in a form that can be
replicated perfectly on an industrial scale, or else encrypt each value
individually.

Note that I say "individually". There is little real marginal benefit
to encrypting an entire database at rest, and I think that's maybe what
you are getting at James. Data is almost always stolen/lost by the
people who have legitimate access to the database; people who
legitimately have the key.

You also have to consider the intangible benefit of being able to claim
that your product supports encryption. It denies the competing products
a chance to seem somehow more complete. Whether it's a feature that
anyone will really use or really benefit from is sort of irrelevant if
it looks good on a feature matrix.

PS: I think encrypting disk drives is an excellent idea, especially
hot-swap disks and laptop disks. And tapes. And flash drives.

PPS: MVCC is going to be life-changing for a lot of people.

--
Roy

UK Ingres User Association Conference 2010 will be on Tuesday June 8 2010
Go to http://www.iua.org.uk/join to get on the mailing list.

James K. Lowden wrote:
It's becoming a regulatory requirement round here in the medical world.
Regardless of whether it makes sense, being able to say that your data
is encrypted "at rest" ticks the auditor's boxes and they go away happy.
There are a number of ways of achieving this, but having it encrypted in
the database is possibly the most convincing to an outside observer
because you can run "select column from table" and point to the gibberish...

Mike.

How about a new trace point:

SET AUDITOR_MODE ON

And then any column defined as "encrypted" returns randomly generated
gibberish?

Just kidding. Must be Friday...

Mike wrote:

I have no objection to ticking boxes if it is cheap and easy. I have
rather more objection to investing lots of time and effort in
doing something that is actually futile, and doubly so if doing it
lulls people into not taking other steps that really would be
effective (like encrypting the disks and vetting the staff).

One could hope these hypothetical auditors of yours are not
so easily satisfied as you say. :-)

--
Roy

UK Ingres User Association Conference 2010 will be on Tuesday June 8 2010
Go to http://www.iua.org.uk/join to get on the mailing list.

Hi All:

I did want to add my $.02USD to this discussion.

I agree with the idea that encrypted columns are more useful than MVCC
(well, "as useful" might be a better way to express it). I think the issue
is much more complex than just passing an audit. I think the consensus for
security "best practices" is that security in layers is the most effective.
Even with encrypted disks, proper vetting of staff, appropriate access
controls, etc, it still is an significant issue that "select column from
table" shows sensitive data in clear-text. IMO, having encrypted columns is
another important "security layer". On the down side, I think the
implementation of encrypted columns, if not done properly, would be a
nightmare......

--cnemelka


On Fri, Mar 12, 2010 at 9:31 AM, Roy Hann
<specially (AT) processed (DOT) almost.meat>wrote: