In computer blog reviews top marks are always given when an application developer includes the ability for users to back up their data. You might be thinking “But users already have MS Backup, Norton Utilities etc.”, and this is true they have. But many computer users do not have confidence in their ability to use such products – have they chosen the right files/directory? Is there some setting they have overlooked? etc
BackFlash - “Has There Been A System Crash? Get Your User’s Data Back In A Flash!”
User Access Control Features
Licensing and Registration Features
We live in an age where very sensitive data needs to be stored, and it needs to be stored in a safe way so that it cannot be stolen, or altered, by users, or programs, without the appropriate access. Data stored in persistent storage (like on a hard drive, or in a database) is known as "Data At Rest".
Softclaim™ security implementation provides proper security for data at rest, and provides Field-Level encryption to selected fields in the database.
When considering how best to protect the data, it is worth understanding the sort of protections that may be required.
There are also two categories of data that have to be protected
To accomplish the above two basic security techniques are used to protect data which is at rest.
Encryption is a way of changing the data, using a key, so that it is no longer readable. Importantly though encrypted data can be decrypted. If this is done using the same key then this is known as Symmetric Encryption. Softclaim makes use by default it uses the AES256 Algorithm.
Hashing is a way of changing the data so that it is no longer readable. However in this case the data cannot be decrypted. When data is hashed (using the SHA256 algorithm by default) it is reduced to a constant length (regardless of the original string size) and the original string cannot be reconstructed from the hash.
Hashes are useful because it allows you to compare strings without actually knowing the original string. By comparing hashes you can determine if a string has been changed.
Softclaim™ allows encrypted fields to have a partner Hash field. This allows tampering (of the encrypted value) to be detected. Before encrypting the field a (salted) hash of the field is stored in another field. After decryption, the decrypted value is hashed and compared to the stored value. In this way tampering with the encrypted value can be detected.