Here's what I did when I implemented the same kind of service:
First, I chose PGP (GPG) to encrypt the user's CC information in a database on a safe Linux system (firewalled and using an IDS).
Here's my logic: information can be encrypted anytime using the public key, but the private key must be used for decryption. The public key is then stored on the server, but not the private one.
In case of stealing, you're safe so far.
Only one program accesses the CC information and needs the private key. On startup, it asks for two pieces of information: the "real" private key and a "passphrase" of a minimum length. The key is then XORed with the passphrase and the result is hidden in memory. The passphrase is then given to the employees and changed daily (or anytime you wish).
So the CC info can be read if:
1- the server process was started by a trusted admin knowing the private key, and
2- the person accessing the data knows the day's passphrase.
If the passphrase is protected while being sent to the server and the employees are either "trusted" or "unable to hack a secured unix system and debug the memory to restore an xored key", the system should be safe enough.
Backups can be made (the key's nowhere near the hard disks) and the information given to the employees, the passphrase, can't be reused after the end of the day.
And if it's not secure enough for our most paranoid contenders, it's fun to realise anyway :)
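The key-masking step described in the post above, as an added Python example that is not part of the original post. It assumes the passphrase is stretched to the key's length with PBKDF2 and SHAKE-256 (the post does not say how a short passphrase is matched to a longer key) and that a SHA-256 check value is kept to detect a wrong passphrase; `MaskedKey`, its methods and `MIN_PASSPHRASE_LEN` are hypothetical names.

```python
import hashlib
import hmac
import secrets

MIN_PASSPHRASE_LEN = 12  # assumed value; the post only says "a minimum length"


def _pad(passphrase: str, salt: bytes, length: int) -> bytes:
    # Assumption: stretch the passphrase with PBKDF2, then expand to key length.
    seed = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 100_000)
    return hashlib.shake_256(seed).digest(length)


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class MaskedKey:
    """Keeps only (key XOR pad) in memory; the pad needs the day's passphrase."""

    def __init__(self, private_key: bytes, passphrase: str):
        # Check value lets unmask() reject a wrong passphrase instead of
        # silently returning garbage key bytes.
        self._check = hashlib.sha256(private_key).digest()
        self._mask(private_key, passphrase)

    def _mask(self, private_key: bytes, passphrase: str) -> None:
        if len(passphrase) < MIN_PASSPHRASE_LEN:
            raise ValueError("passphrase too short")
        self._salt = secrets.token_bytes(16)  # fresh salt on every (re)mask
        pad = _pad(passphrase, self._salt, len(private_key))
        self._masked = _xor(private_key, pad)

    def unmask(self, passphrase: str) -> bytes:
        pad = _pad(passphrase, self._salt, len(self._masked))
        key = _xor(self._masked, pad)
        if not hmac.compare_digest(hashlib.sha256(key).digest(), self._check):
            raise PermissionError("wrong passphrase")
        return key

    def rotate(self, old: str, new: str) -> None:
        # Daily change: needs yesterday's passphrase, not the admin's key.
        self._mask(self.unmask(old), new)


if __name__ == "__main__":
    key = secrets.token_bytes(64)  # constructed stand-in for the private key
    mk = MaskedKey(key, "monday-passphrase")
    mk.rotate("monday-passphrase", "tuesday-passphrase")
    print(mk.unmask("tuesday-passphrase") == key)
```

Python `bytes` objects are immutable and cannot be wiped, so the value returned by `unmask()` stays in process memory until it is garbage-collected.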
Why is it that somebody has to come up every three months to foresee the end of unix? Shouldn't prophets see the future of stuff they know about? Just to avoid karma noise... :)
Put your filesystem on a DRBD device?
You'll get a consistent clone every time you leave your laptop connected to your home network long enough for it to sync the changed blocks.
Howdy,
:)
Magic might be described as the ways to deal with the unknown (or what can't easily be known thru our senses).
Seen this way, computers are magic for virtually everyone using a computer. Who understands their hardware, and all code for their OS and all apps?
Since both mysticism and computers require the same kind of curiosity, open mind, and patience, maybe the link between both is just natural?
Anyway, I fit the description, being interested in Eastern "religions", meditations and magick.