Encrypted database connections?

[JGonz]

Hi,

my problem:

• I have a MS-SQL database at my customers site.
• I have a MySQL database at my customers web site.
• I want to transfer certain data from the local MS-SQL to the web MySQL.
• I want to have the data on my MySQL encrypted (it's sensitive customer data).
• I want end-users to get their data from the MySQL. (using Livecode standalones)

Are their any good ways to achieve this? As soon as the data leave .localhost they should be secured, and any access should be secured, too.
I'm able to control the web site, using .htaccess and MySQL permissions. I might have Livecode server running there, if needed. And I can script the local MS-SQL.

But since it's sensitive data that shall no be exposed in any way, I want to be sure I'm not missing something.

Question:
Has anybody already done this?
What to think of?
Where's the problems?
What is wrong in my plan?

Thx for any reply, I'm quite unsure atm if it's possible at all w/o major coding. Quite sure to get my MS-SQL data up into the web-MSSQL, and adding an encryption shouldn't be the problem. But then I'd have to decrypt the data coming back to the users of my livecode proggie, and this might have performace issues, too. (data can be several MB, and user machine can be a rather poor netbook, even a fone in the next step ...)

Is there:

• Any link
• Any other resource, or
• Any educated reply?

Thx anybody taking the time of thinking of it, and maybe even replying! I'd be happy for every input!

[bangkok]

First the command to open the connexion (to a MySQL DB) has a SSL encryption flag.

revOpenDatabase

Check the dictionary :

"useSSL - (MySQL Only) A boolean specifying whether to use SSL to secure the socket connection when connecting to a MySQL database. If you use this feature in a standalone application, remember to select 'SSL Encryption' from among the available 'script libraries' in the standalone application settings panel. "

That's for the transportation of your data from localhost to your remote MySQL DB.

You want apparently to go further, by storing into the MySQL db some encrypted data, correct ?

In this case, Livecode provides all necessary tools, even with complex schemes like public/private key encryption.

You'll find usefull infos about this technique (a random password is created per session, this password is encrypted by localhost and then decrypted by remote host using private/public key [because this process is slow] and then the data are encrypted/decrypted by a classic encryption algorithm using the session password (much faster).

http://forums.runrev.com/viewtopic.php?f=8&t=11733

And a tutorial from LiveCode Academy : "Using Encryption"

http://livecode.com/academy/livecode-business-academy/

[JGonz]

Thx a lot, Bangkok!

And plz excuse the long response time, had forgotten that my holidays was ahead, and when I was back, I was buried with gruesome tasks for a while ...

I had a quick look at the links you provided, and it seems to be exactly what I was looking for. Time for a long reading

But this looks good - thx a lot again!

Have a good time!