This is just a pretext to introduce a very serious subject. You probably know that Informix IDS can encrypt column data, but you may also know that it has some disadvantages (you cannot index encrypted data, you may have to change the applications etc.). There's nothing wrong with column encryption, but as with most of the features is has advantages and disadvantages.
Another option for encryption is to encrypt the files containing the data (chunks in IDS language). This brings up several questions:
If you're doing data encryption you're consuming CPU cycles
- Ease of use
Is it transparent to the database? And to the application?
- Privilege users access
Can root work around the encryption? Usually, being root is like being God...
IBM has just released fixpack 1.1.3 of this product, which is the first version to support IDS (versions 11.10FC2 and 11.50). You can get more info about it at the product page ( http://www.ibm.com/software/data/db2imstools/database-encryption-expert/ ).
Up to now, it was certified for use with DB2, so it's probable that you find several references of the two products together. One of them which I find interesting, is a video showing it working with DB2, by Belal Tassi, a colleague from IBM Information Management:
As you can see from the product page, the fixpack Readme and the video above, it's transparent for the database, for the application and it can be setup to be safe even from root. It's also able to encrypt backups (it would be a breach of security to have your data encrypted and keep your backups without encryption). Hint: Version 11.10 introduced backup and restore filters...
The platforms supported at the moment are:
- AIX (64-bit):
- Linux (64-bit): Red Hat Advanced Server 4.0 Update 4
- Solaris 9
- Solaris 10 update 2
Supported file systems
- Windows: NTFS
- AIX: JFS, JFS2, NFS, VxFS
- Solaris: UFS, NFS, VxFS
- RedHat: EXT3, NFS, VxFS