Java数据加密/解密
[英]Java data encryption/decryption
问题描述
I have a spring-mvc stack that stores data in MySQL. 
我有一个spring-mvc堆栈,用于在MySQL中存储数据。 Some of this data needs to be protected, so I am thinking I should encrypt it. 其中一些数据需要保护,所以我想我应该加密它。 Since I may need to use this data later (credit cards, SSN, other) so I will need to decrypt it. 由于我以后可能需要使用这些数据(信用卡,SSN,其他),所以我需要解密它。 I think this rules out hashing it. 我认为这排除了它。
There appear to be several approaches, including the Java crypto packages. 似乎有几种方法,包括Java加密包。 Shiro appears to have some good capabilities, as does Blowfish-x. Shiro似乎有一些很好的能力,就像Blowfish-x一样。 And I see that MySQL supports encryption/decryption as well. 我看到MySQL也支持加密/解密。 I am not sure I will be using MySQL for the long term. 我不确定我将长期使用MySQL。
My question is this: what is the best approach for a java application web based application to handle securely storing some of a users data? 我的问题是:基于Java应用程序网络的应用程序处理安全存储某些用户数据的最佳方法是什么?
1 个解决方案
解决方案1
0 2013-09-13 13:16:42
When it comes to store secure data you have to ask yourself some basic questions : 在存储安全数据时,您必须问自己一些基本问题:
- Do I have to keep the original data, or do only have to test its identity (=> use of hash algorithms) 我是否必须保留原始数据,或者只需测试其身份(=>使用哈希算法)
- If I use encryption, how will I store my keys ? 如果我使用加密,我将如何存储我的密钥?
- Will I need public key (asymmetric) cryptography (=> use of pki and certificates) 我是否需要公钥(非对称)加密(=>使用pki和证书)
These are the main concerns to have. 这些是主要关注点。
Then, technically, the best way to implement it is a matter of what library you will have to choose. 然后,从技术上讲,实现它的最佳方式是您必须选择哪个库。 Take a look at http://www.bouncycastle.org/ . 看看http://www.bouncycastle.org/ 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.