It's all about the answers!

Ask a question

Data encryption in DB2 database?


Yanzhuang Li (31134126) | asked Jul 29 '08, 3:35 p.m.
In the backend database of Jazz repositiry (e.g. a DB2 database), the data is not encrypted (except the user password). That means a person can read all data in the database as long as he/she finds the right database logon ID and password. Is this true? Thanks.

4 answers



permanent link
Matt Lavin (2.7k2) | answered Jul 29 '08, 4:06 p.m.
FORUM MODERATOR / JAZZ DEVELOPER
If a person has direct access to the database then they could read the
data written by Jazz.

I'm not sure if encrypting the data would help much, because (presuming
they had the ability to get DB access in the first place), they could
likely get the information required to decrypt the data as well.

yanli wrote:
In the backend database of Jazz repositiry (e.g. a DB2 database), the
data is not encrypted (except the user password). That means a
person can read all data in the database as long as he/she finds the
right database logon ID and password. Is this true? Thanks.

permanent link
Yanzhuang Li (31134126) | answered Jul 29 '08, 10:02 p.m.
I have a client that thinks their project data is highly sensitive. The question that they want to know is something like this: DB2 database can be backed up on tapes - what if the tape is lost - is there another layer of security protection besides the DB2 login ID and password? At this moment, the project data is wide open as long as someone has the db backup and the db admin account/password.

permanent link
Dmitry Karasik (1.8k11) | answered Jul 30 '08, 4:09 a.m.
JAZZ DEVELOPER
On Wed, 30 Jul 2008 02:07:51 +0000, yanli wrote:

I have a client that thinks their project data is highly sensitive. The
question that they want to know is something like this: DB2 database can
be backed up on tapes - what if the tape is lost - is there another
layer of security protection besides the DB2 login ID and password? At
this moment, the project data is wide open as long as someone has the db
backup and the db admin account/password.

You could use FS encryption to encrypt the tape.

- Dmitry

permanent link
Anthony Kesterton (7.5k7180136) | answered Jul 30 '08, 7:25 a.m.
JAZZ DEVELOPER
Hi

This is an interesting question. I am not sure RTC alone can be used to create a secure environment but there might be a way to scramble/encrypt the data on the database at the database driver level. You also have to ask if there is sufficient security when native or web clients talk to the server.

I assume your customer has this kind of problem for other applications - so they would also have levels of security/encryption around their entire infrastructure too.

anthony

Your answer


Register or to post your answer.


Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.