Obfuscation

**mwabbe** · 08-18-2010, 12:04 PM

working on a database and ran into a security problem with personal information. i was wondering if there is a way to obfuscate data in a field, so that when the db user looks at it they can see the information but if the server was to be hacked the hacker would not understand what the information is. thanks

please help!

**RuralGuy** · 08-18-2010, 03:16 PM

I haven't used it but I believe ac2007 support encription. Have you looked at it yet?

**mwabbe** · 08-19-2010, 06:28 AM

no not yet

**RuralGuy** · 08-19-2010, 08:46 AM

Give it a try in a test and let us know if it will work for you. If not, there are other free modules on the internet that can encript/decript.

**mwabbe** · 08-19-2010, 10:09 AM

im pretty sure it will work good i looked into it but i was wondering if there was a way to encrypt just one field in such away it would be almost impossible to hack
such as SSN

**RuralGuy** · 08-19-2010, 10:26 AM

As I said there are free pieces of VBA code out there to encript/decript a string. Have you asked Google yet?

**NTC** · 08-19-2010, 02:15 PM

For an ssn of 9 number one could put in an algorithm into the form that manipulates the integers ...on the way in...and undoes it on the way out (for display purposes)....so that the stored values are not immediately accurate as valid SSNs.

Caution of course that anyone that can put the form into design view can see that algorithm; or any one good at math that knows their own ssn and can see your value - should be able to reverse your algorithm and apply to all.....

RuralGuy's suggestion of going to 2007's encryption is fundamentally the better recommendation. Mine is more casual. Keep in mind you don't have to encrypt everything. You can have a 1:1 table relationship and put the ssn into its own table/BE that is encrypted.. Like RuralGuy, I also have never had a need for the encryption feature yet so am not giving hands on advice.....

hope this helps a bit.

**RuralGuy** · 08-19-2010, 02:22 PM

I really like NTC's suggestion of a separate table/BE for the encripted stuff. Certainly worth looking into.

**TheShabz** · 08-19-2010, 03:59 PM

This may be useful as well.
http://msdn.microsoft.com/en-us/libr...ice.10%29.aspx

**mwabbe** · 08-26-2010, 07:46 AM

the database is encrypted with a password so that the user is the only one to to have access to this, but what i want to have done is when the ssn is entered have it encoded to arabic or greek or idc what to be saved that way so that only the user that has rights to the database can see the information correctly.

**RuralGuy** · 08-26-2010, 08:47 AM

I don't see anything stopping you from obfuscating this field any way you choose.

**mwabbe** · 08-26-2010, 08:53 AM

i am not good with vba code is what is stopping me. Does anyone know of a module i could use. thanks

**RuralGuy** · 08-26-2010, 09:01 AM

Have you looked at the links we supplied?

**mwabbe** · 08-26-2010, 09:03 AM

yes the link on there is about encrypting the database with a password

**TheShabz** · 08-26-2010, 09:17 AM

I'm not the best with VBA either but I think I can point you in the right direction. Since ssn's are always fixed length numerical entries, what I would do is use the len() function or the left() function to pull individual digits from the ssn. I would assign each digit to a variable. Then I would come up with whatever coding system that would work. Example would be 1=A 2=B, etc. I would then through a SELECT CASE, change each one into its encrypted values. Then concatenate the new values together and assign that to a different variable. Then when you INSERT INTO, use the variable of the encrypted ssn. when you want to report the value, then you simply use the opposite of the encryption, A=1, B=2, etc. Granted, this isnt anything uber secure but at the very least it provides a mask so that at first glance the ssns cant be viewed.

Obfuscation

Thread Tools

Obfuscation

Posting Permissions