Best way to handle security and encryption in the DB

[judacoor]

Hello everybody,I'm building an web based app in java that stored data on mysql........But some of the data, like personal information abuout customers needs to be really secure, and, well the app will have a login a pw welcome window and everything.............But the thing is that I'm gonna use a public server (I'm not sure if that's the name for it), you know, the ones that you rent a space in a server with some company like www.1and1.com. So they give you good monthly traffic, speed, server up-time, etc.But my doubt is that if I'm gonna leave the DB in that server there's not much I can do to prevent, for example, the owners of the server or the administrators, from accesing my data. For they normally have admin clearance for the server and everything. So I was thinking that to protect the customers the best way would be to encrypt the fields "name", "last name", "phone #", "address" that way their personal info remains encrypted to anyone that doesn't have a login name and pw to use with the app. Not even I would be able to see that 'kinda sensitive' data.But a colleague was telling me that it's kind of impossible to do that, because once you encrypt data, there's no way to decrypt it or something...........like passwords in a DB: you set your pw, the app encrypts it and stores it in the DB, and then when you wanna login what the app does is take the pw you submit......encrypt it, and then compare bit by bit if the encrypted pws match............he that that's when you loose your pw they don't send it back to you, they have to ask you to set a new one.So please, help me a little with this....!I appreciate any possible suggestion to use with this matter!Thank you guys so much!!!!!

[justsomeguy]

Your colleague is confusing encryption and hashing. Hashing is one-way, if you hash a string you can't unhash it. SHA-1 is a hash algorithm (Secure Hash Algorithm). With encryption there is always decryption, that's the difference between encryption and hashing. Typically with encryption you use a key that is used to encrypt and decrypt the data. Your key will need to be stored somewhere where the server can access it, so even if you encrypt everything in the database the admin can just look at your source code and find the decryption algorithm and use the same key that your application is using. If you want to get around that then you would need to encrypt your source code also using something like the Zend encrypter. But, again, an admin can just write a program that will decrypt your source code and you're write back to where you started.If you don't trust the admin then don't use that company, either use a company you trust or host it yourself.

[judacoor]

Yeah but hosting it by myself would be a looot more expensive........and normally you have to hire like a server administrator in order to keep things running smoothly right?Could you recommend any hosting providers? Or what else should I do?Because encrypting my source code would at least give the admins of the server a bit of a hard time to break the encryption right?

[Synook]

Yeah but hosting it by myself would be a looot more expensive........and normally you have to hire like a server administrator in order to keep things running smoothly right?

Well, depends where you host it. You could even purchase a server and take out a business plan with your ISP and host your website in your own home

Could you recommend any hosting providers? Or what else should I do?

Hosting providers are usually fairly trustworthy, as long as you don't go with some tiny unknown one. Read around for reviews, they can help you make a decision.

Because encrypting my source code would at least give the admins of the server a bit of a hard time to break the encryption right?

Uh... how do you encrypt source code (and still get it to run)?---On security though, remember that anyone along the data transfer process can access your information, unless you use SSL. So say I access your server from ISP xxx, then when I type in my username and pw the people at xxx can see that information going through their servers on the way to yours.Do you have an SSL certificate?

[justsomeguy]

Web hosts who engage in practices like you're worried about don't stay in business. If you're looking for a host, I have good experiences with hostgator.com, icdsoft.com, and theplanet.com.If you want to encrypt your source code you will need the server to support it, the server needs a module like an Apache module that will decrypt the code before sending it to PHP (I'm not sure specifically how it works, that might not be correct). Here is one product:http://www.zend.com/en/products/guard/But most people don't use these products to protect their code from server admins. Most people use these products so they can sell a PHP application to someone else who can't see the original source code. CubeCart is an example of a product that uses this to encrypt its code.