I decided to enable commenting on my blogs.
I dont know why I havent done this earlier, but anyways, never to late. So if you have something to say or a question, please comment the blog and I will answer ASAP.
Thursday, August 28, 2008
Ubuntu Hardy for parents
A few months ago I installed Ubuntu Hardy on my newly purchased HP laptop for my mom. My parents have no clue with using computers and I was fed up with frequent calls about viruses, slow computer and stuff like that. Obviously they used Windows XP, so when my mom announced she wanted a new laptop I installed a dual boot for her. She didn't want to only have Ubuntu because she was sceptic, which I can understand. I asked my step dad if he wanted me to do the same for his laptop, but he respectfully declined.
However after a few months of using Ubuntu my mom really loves it. I no more get calls with virus, slow computer, and other miscellaneous windows stuff. They especially love the games that come out of the box on Ubuntu, and now my step dad has asked me to install Ubuntu on his laptop as well :-)
My mom is still using Vista once in a while for stuff that is not working out of the box on Ubuntu, such as copying pictures and videoes from her Nokia to the computer. But when I fix these small issues that come along, then hopefully she will one day convert totally and never use Windows Vista again.
Friday, August 22, 2008
Using Encryption (Jasypt) in Seam 2.0 and how to search on encrypted values
In our project we had to encrypt all fields in the person table that can identify a person.
I found a nice framework that makes encryption quite easy called Jasypt and more specifically, it had very nice and easy configuration for Seam 2, which can be found here: Jasypt with Seam 2.
The problem however is that all our searches that we had created for the person fields that are now encrypted fail. For obvious reasons, you cannot compare (run LIKE) on encrypted fields.
But the user demanded to still be able to filter the search based on the encrypted values.
There are two theories on how I could do this.
The first, was to encrypt the user input and then try to find a match against the encrypted fields. However since Jasypt uses SALT I cannot easily do this because SALT generates x amount of random bytes and makes two equal values different chipertext. So to solve that I would have to remove the SALT and do the comparing. However we have very little time to solve this, so I went with the second option which I really wanted to avoid.
What I do know is create a query based on the values that are not encrypted and return the List. However, it is not certain that the user will enter one of the values that is not encrypted, so the search will then retrieve all Person objects, and then I loop through the List, decrypt the values (which Jasypt automatically does) and compare against what the user has inputted in the search criteria and then return the correct list.
This is a very cumbersome method to retrieve the List. Having all the Person objects in memory is not feasible. I will have to add some sort of caching so that it at least will be better when it is in production, but still this is something I would like to avoid. (Yes I know I have all the objects decrypted in the memory/cache, but I don't see any other solution)
If anyone has other ideas on how could be solved, then please leave a comment or contact me.
I found a nice framework that makes encryption quite easy called Jasypt and more specifically, it had very nice and easy configuration for Seam 2, which can be found here: Jasypt with Seam 2.
The problem however is that all our searches that we had created for the person fields that are now encrypted fail. For obvious reasons, you cannot compare (run LIKE) on encrypted fields.
But the user demanded to still be able to filter the search based on the encrypted values.
There are two theories on how I could do this.
The first, was to encrypt the user input and then try to find a match against the encrypted fields. However since Jasypt uses SALT I cannot easily do this because SALT generates x amount of random bytes and makes two equal values different chipertext. So to solve that I would have to remove the SALT and do the comparing. However we have very little time to solve this, so I went with the second option which I really wanted to avoid.
What I do know is create a query based on the values that are not encrypted and return the List. However, it is not certain that the user will enter one of the values that is not encrypted, so the search will then retrieve all Person objects, and then I loop through the List, decrypt the values (which Jasypt automatically does) and compare against what the user has inputted in the search criteria and then return the correct list.
This is a very cumbersome method to retrieve the List. Having all the Person objects in memory is not feasible. I will have to add some sort of caching so that it at least will be better when it is in production, but still this is something I would like to avoid. (Yes I know I have all the objects decrypted in the memory/cache, but I don't see any other solution)
If anyone has other ideas on how could be solved, then please leave a comment or contact me.
Subscribe to:
Posts (Atom)
Posts
