0

I am investigating encrypting and decrypting my data in my database using CakePHP. How do you guys secure your data in your database?

A possible approach would be; 'saving' my (unencrypted) data via the model, which should encrypt specific data and save it into the database. When retrieving data via the model, it should decrypt the data and give it back to me.

Another option would be; implementing the encrypt and decrypt functions in the specific entity (using the getters and setters). However, searching on specific fields would be harder (because you want to keep your code DRY)

I know that encrypt and decrypt functions are available in Cake: https://book.cakephp.org/3.0/en/core-libraries/security.html

TLDR; How do I implement encryption and decryption the right way in CakePHP when I want to store my data secure?

Bob
  • 873
  • 1
  • 8
  • 21
  • For general "how to handle data securely" information, you should probably visit **https://security.stackexchange.com**. That being said, transparent encryption/decryption can for example be implemented using [**custom database types**](https://stackoverflow.com/questions/32260229/encryption-decryption-of-form-fields-in-cakephp-3/32261210#32261210). – ndm Aug 30 '18 at 08:18
  • Thank you for your link to the custom database type. This approach looks valid to me. Because this question has nothing to do with encryption itself but the implementation into **CakePHP** I decided to not to post it on security.stackexchange.com. Thank you again for your suggestion! – Bob Aug 30 '18 at 08:32
  • DB Type or a behavior that en/decrypts a set of given fields. Both will work. – floriank Aug 30 '18 at 12:53

0 Answers0