Prev: Hot sale adicolour sneaker for men,women's,free shipping,worldwide express
Next: Quartz with Spring: more jobs with different input argument
From: Spud on 28 Apr 2010 22:16 On 4/26/2010 7:11 PM, John B. Matthews wrote: > In article<79ydnexs7q-vKUjW4p2dnAA(a)giganews.com>, > Spud<fake(a)fkfkfkf.com> wrote: > >> We've been told that we need to implement on-disk encryption of our >> data files. We currently write them using RandomAccessFile and read >> them using FileChannel.read(ByteBuffer). >> >> Before I go off on my own, slog through java.security, and write a >> wrapper around these routines to encrypt/decrypt, is there an easy >> way to do it? Perhaps something built into the JDK that I'm missing? > > Is this related to a new Massachusetts security law mandating encryption? > > <http://yro.slashdot.org/story/10/04/25/1745210/> > It's not, but the motivation is the same. Legal requirements that the contents be kept secure.
From: The Frog on 29 Apr 2010 04:33
Hello Spud Quote: "Bottom line is, the files themselves have to encrypted so even if a bad guy gets access to the disk or the backups, the files can't be used without the secret key." Are we correct in understanding that you wish to mitigate against physical theft of data? That is to say against a physical attack vector such as a computer / hard drive being stolen? Or are you also needing to protect against the possibility of someone simply copying the data files to another location either directly or across a network? Do you need to protect against someone having direct physical access to the application PC and still keep the data secured? It would be helpful to understand your scenario a little better. As stated above, you may well be better served by consulting a professional in this area who you can discuss the situation and riks with in confidentiality. Cheers The Frog |