
[ale] [OT] securing sensitive data


I'm building an application that at the very minimum needs to be HIPAA 
compliant (HIPPAA? I can't remember the stupid acronym).  I have the 
luxury of a private, non-internet-connected network and plan to do a hardened 
Linux server running MySQL to store the data.  As to the front-end, I 
would prefer a web app but it's up to my client and how they feel that 
would be perceived security-wise.  If I don't do a web app, I'm going to 
do a perlTK app, because I know I can secure either of those things.  The 
clients are all Windows of various vintages.  Physical security is nearly 
nil, but I can probably manage to store the server in a locked closet.

Now. Here's the fun part.  Everybody has access to certain sensitive data, 
and only certain people have access to other sensitive data.  I would 
ideally like to keep all sensitive data encrypted (PGP/GPG) in the 
database.  My first quandary is -- putting a private key on the client machine 
seems like a BAD and non-secure method of protecting the data.  I'm almost 
equally nervous about storing their private keys on the server, which at 
least I know will be maintained primarily by me.  

My second quandary is, how on earth do I protect both shared and 
individualized sensitive data?  Would just a shared secret key and 2-way 
encryption be enough for the shared data?   

My third quandary is, if I store all the data encrypted, searching will be 
an absolute nightmare.  Encrypting and decrypting will be expensive, 
and when I say "Linux server" I mean a discarded PII400 with 512Mb RAM 
at absolute best.  The app is only going to be used by a couple dozen 
people, but still...12 people simultaneously trying to encrypt and 
decrypt would be horrible.

I know nothing about this kind of thing...I know what to be worried about, 
but I'm totally tying myself up in knots trying to sort all of this out.  
Any resources, pointers to howtos, thoughts and experiences would be 
greatly appreciated.