DB2 encrytion

Rob Badger

DB2 encrytion
We have DB2 version 8 install and have a management request to start
encrypting columns. Has anyone used the current V8 DB2 encryption? Should
we wait for version 9 with the new features?

Any thoughts will be appreciated.

Robert Badger
Database Administrator
Aurora Heath Care Inc.
3031 West Montana Street
Milwaukee, WI 53215

IMPORTANT NOTICE:

IDUG is pleased to announce a series of upgrades to the DB2-L discussion listserv that are being implemented to improve reliability and the overall user experience of DB2-L. These changes are coming on November 30th. Details at http://www.idug.org

---------------------------------------------------------------------------------
Welcome to the IDUG DB2-L list. To unsubscribe, go to the archives and home page at http://www.idugdb2-l.org/archives/db2-l.html. From that page select "Join or Leave the list". The IDUG DB2-L FAQ is at http://www.idugdb2-l.org. The IDUG List Admins can be reached at [login to unmask email] Find out the latest on IDUG conferences at http://conferences.idug.org/index.cfm

Philip Sevetson

Re: DB2 encrytion
(in response to Rob Badger)
Bob,
In order to enact HIPAA-compliant encryption, you should examine the
HIPAA requirements. My former employer preferred to buy an encryption
package from a vendor (MegaCryption, Protegrity, and IBM were
considered) because vendors have the key management schemes already
implemented; if you use DB2's encryption, you must develop your own,
HIPAA-compliant key management scheme.

You probably also have a management requirement that this encryption be
transparent to the applications, which restricts your choices to
encryption schemes which use DB2 Exits and RACF keys. We found that it
was technologically impossible under DB2V7 to deliver an
application-transparent encryption scheme without encrypting the whole
row.

HTH.

--Phil Sevetson, NYCAPS DBA Support
Financial Information Services Agency of The City of New York
450 West 33rd Street, 4th Floor
New York, NY 10001
phone: (212) 857-1688
mailto: [login to unmask email]
-----Original Message-----
From: DB2 Data Base Discussion List [mailto:[login to unmask email] On
Behalf Of Rob Badger
Sent: Friday, November 23, 2007 3:52 PM
To: [login to unmask email]
Subject: [DB2-L] DB2 encrytion

We have DB2 version 8 install and have a management request to start
encrypting columns. Has anyone used the current V8 DB2 encryption?
Should
we wait for version 9 with the new features?

Any thoughts will be appreciated.

Robert Badger
Database Administrator
Aurora Heath Care Inc.
3031 West Montana Street
Milwaukee, WI 53215

IMPORTANT NOTICE:

IDUG is pleased to announce a series of upgrades to the DB2-L discussion
listserv that are being implemented to improve reliability and the
overall user experience of DB2-L. These changes are coming on November
30th. Details at http://www.idug.org

------------------------------------------------------------------------
---------
Welcome to the IDUG DB2-L list. To unsubscribe, go to the archives and
home page at http://www.idugdb2-l.org/archives/db2-l.html. From that
page select "Join or Leave the list". The IDUG DB2-L FAQ is at
http://www.idugdb2-l.org. The IDUG List Admins can be reached at
[login to unmask email] Find out the latest on IDUG conferences
at http://conferences.idug.org/index.cfm


=========
Confidentiality Notice: This e-mail communication, and any attachments, contains confidential and privileged information for the exclusive use of the recipient(s) named above. If you are not an intended recipient, or the employee or agent responsible to deliver it to an intended recipient, you are hereby notified that you have received this communication in error and that any review, disclosure, dissemination, distribution or copying of it or its contents is prohibited. If you have received this communication in error, please notify me immediately by replying to this message and delete this communication from your computer. Thank you.

Any opinions, expressed or implied, presented are solely those of the author and do not necessarily represent the opinions of the agency or the City.
=========



IMPORTANT NOTICE:

IDUG is pleased to announce a series of upgrades to the DB2-L discussion listserv that are being implemented to improve reliability and the overall user experience of DB2-L. These changes are coming on November 30th. Details at http://www.idug.org

---------------------------------------------------------------------------------
Welcome to the IDUG DB2-L list. To unsubscribe, go to the archives and home page at http://www.idugdb2-l.org/archives/db2-l.html. From that page select "Join or Leave the list". The IDUG DB2-L FAQ is at http://www.idugdb2-l.org. The IDUG List Admins can be reached at [login to unmask email] Find out the latest on IDUG conferences at http://conferences.idug.org/index.cfm

Troy Coleman

Re: DB2 encrytion
(in response to Philip Sevetson)
Hi Robert,
Some people mis understand what encryption is versus masking.
Encryption is usually used when you are sending data across a network so
that only the person at the end of the line receiving the data can
decrypt the data. When you are testing and want to copy data from
production to test/development then you do not want to encrypt the data.
You will want to mask the data so that the developer can see the name,
address and phone number but the information is the actual address,
phone number or social security number for the record being looked at.
Are you looking for encryption or masking?

--
Troy Coleman, Support Engineer
IBM Certified Solutions Expert

SoftBase Systems, Inc.
847-776-0618
828-670-9900 ext. 334
[login to unmask email]

Compliance Challenged with Test Data Privacy? White Papers and More at http://www.softbase.com/

The information contained in this message may be CONFIDENTIAL and is for the intended addressee only. Any unauthorized use, dissemination of the information, or copying of this message is prohibited. If you are not the intended addressee, please notify the sender immediately and delete this message.


Rob Badger wrote:
> We have DB2 version 8 install and have a management request to start
> encrypting columns. Has anyone used the current V8 DB2 encryption? Should
> we wait for version 9 with the new features?
>
> Any thoughts will be appreciated.
>
> Robert Badger
> Database Administrator
> Aurora Heath Care Inc.
> 3031 West Montana Street
> Milwaukee, WI 53215
>
> IMPORTANT NOTICE:
>
> IDUG is pleased to announce a series of upgrades to the DB2-L discussion listserv that are being implemented to improve reliability and the overall user experience of DB2-L. These changes are coming on November 30th. Details at http://www.idug.org
>
> ---------------------------------------------------------------------------------
> Welcome to the IDUG DB2-L list. To unsubscribe, go to the archives and home page at http://www.idugdb2-l.org/archives/db2-l.html. From that page select "Join or Leave the list". The IDUG DB2-L FAQ is at http://www.idugdb2-l.org. The IDUG List Admins can be reached at [login to unmask email] Find out the latest on IDUG conferences at http://conferences.idug.org/index.cfm
>
>
>

IMPORTANT NOTICE:

IDUG is pleased to announce a series of upgrades to the DB2-L discussion listserv that are being implemented to improve reliability and the overall user experience of DB2-L. These changes are coming on November 30th. Details at http://www.idug.org

---------------------------------------------------------------------------------
Welcome to the IDUG DB2-L list. To unsubscribe, go to the archives and home page at http://www.idugdb2-l.org/archives/db2-l.html. From that page select "Join or Leave the list". The IDUG DB2-L FAQ is at http://www.idugdb2-l.org. The IDUG List Admins can be reached at [login to unmask email] Find out the latest on IDUG conferences at http://conferences.idug.org/index.cfm