7
 Followers
42
 Likes

"Encrypt Data" property on an entity attribute

Backend
On our radar
On SS be able to set a property of "Data Encrypted" on an entity attribute
Created on 24 Nov 2011
Comments (10)
Hi, is it available in any new release?
Merged this idea with '"Store as encrypted" capability on entity attributes.' (created on 02 Mar 2013 01:45:24 by Izak Joubert)
When working in the financial services or health care industry, compliance regulations often require systems to store certain data values such as social security numbers, id numbers, or birth dates encrypted.  In the US, we also have several federal and state laws that require "personally identifyable information" to be stored encrypted.

It would be nice to be able to implement this scenario during development by simply specifying that a specific attribute (column) of an entity (table) should be stored encrypted and then have the platform automatically deal with the encryption/decryption during data storage and retrieval.

This would eliminate a lot of developer effort to make sure the data is properly encrypted or decrypted at all of the touch points in a system.

This comment was:
- originally posted on idea '"Store as encrypted" capability on entity attributes.' (created on 02 Mar 2013 by Izak Joubert)
- merged to idea '"Encrypt Data" property on an entity attribute' on 14 Mar 2019 13:32:36 by Jorge Martins
That would be a neat feature to have on the platform :)


This comment was:
- originally posted on idea '"Store as encrypted" capability on entity attributes.' (created on 02 Mar 2013 by Izak Joubert)
- merged to idea '"Encrypt Data" property on an entity attribute' on 14 Mar 2019 13:32:36 by Jorge Martins
It would be nice, but I suppose often on these cases the technical requirements specify the specific way the data is to be encrypted (algorithm, strength...). It's unlikely that this would cover all the cases.

This comment was:
- originally posted on idea '"Store as encrypted" capability on entity attributes.' (created on 02 Mar 2013 by Izak Joubert)
- merged to idea '"Encrypt Data" property on an entity attribute' on 14 Mar 2019 13:32:36 by Jorge Martins
I believe providing even a simple AES 256 based default function already goes a long way towards improving data security, while keeping things simple for the developer.  It may not be exactly what is needed in all cases, but anything is better than nothing.

OS could easily add a few database config parameters to allow the administrator to choose type & strength from a list of basic .NET encryption providers and enter the encyption keys as required by the chosen type (private key, public key, both).  This would probably be sufficient to cover the majority of cases and could be implemented using already available .NET libraries.

For the developer, extending the functionality to cover the special cases, should be as simple as 1) creating an OS extension that exposes the custom encyption logic via an encrypt & decrypt method and 2) changing the database configuration to use the new extension library instead of the built in library.

I'm not suggesting the feature should cover 100% use cases, but if it can help in 80% of the cases, it could be a very valuable feature to help reduce the risk of data leakage and demonstrate a higher level of compliance with data security best practices.



This comment was:
- originally posted on idea '"Store as encrypted" capability on entity attributes.' (created on 02 Mar 2013 by Izak Joubert)
- merged to idea '"Encrypt Data" property on an entity attribute' on 14 Mar 2019 13:32:36 by Jorge Martins
You are referring to .NET only, don't forget there is a JAVA stack as well.

This comment was:
- originally posted on idea '"Store as encrypted" capability on entity attributes.' (created on 02 Mar 2013 by Izak Joubert)
- merged to idea '"Encrypt Data" property on an entity attribute' on 14 Mar 2019 13:32:36 by Jorge Martins
Merged this idea with 'Automatic column data encryption/decryption' (created on 21 May 2018 09:08:25 by Henrique Capela)

Since encrypting and decrypting a column of data requires changes to the SQL, it would be interesting for the platform to automate these changes if the entity attribute was to be marked as encrypted (which would be a new property).



This comment was:
- originally posted on idea 'Automatic column data encryption/decryption' (created on 21 May 2018 by Henrique Capela)
- merged to idea '"Encrypt Data" property on an entity attribute' on 14 Mar 2019 13:33:57 by Jorge Martins

Changed the category to Backend




This comment was:
- originally posted on idea 'Automatic column data encryption/decryption' (created on 21 May 2018 by Henrique Capela)
- merged to idea '"Encrypt Data" property on an entity attribute' on 14 Mar 2019 13:33:57 by Jorge Martins
views
1253
Followers
7