Login | Register   
LinkedIn
Google+
Twitter
RSS Feed
Download our iPhone app
TODAY'S HEADLINES  |   ARTICLE ARCHIVE  |   FORUMS  |   TIP BANK
Browse DevX
Sign up for e-mail newsletters from DevX


advertisement
 

Encrypt Sensitive Configuration Data with Java-3 : Page 3


advertisement
Supporting Other Encryption Schemes
The EncryptionScheme interface allows you to add support for different symmetric encryption schemes. An abstract class called BaseEncryptionScheme is provided, which provides basic functionality for concrete EncryptionScheme classes. This abstract class is an extension tool for adding your own encryption schemes.

The code provided with this solution includes EncryptionScheme implementations for the DES and the DESede encryption schemes. Either of these schemes should suffice for solving the problem outlined in this 10-minute solution. Other symmetric encryption schemes include: HmacSHA1, Blowfish, HmacMD5, and TripleDES.

Making Good Use of String Encryption
So when would you use this wonderful string encryption tool? There are many possible applications.



One possible application, mentioned at the beginning of this solution, is to use the StringEncrypter to encrypt and decrypt sensitive data in a properties file. For example, you may use the java.util.Properties class to read and write a database password from a properties file. To keep the password secure, you may write a separate program that prompts you to enter your password, and then stores it in its encrypted form in the properties file. This might be a simple GUI-based program or even one that runs from the command line. Your main application will then use the same encryption key to decrypt the password before using it to obtain a connection from the database.

Of course, you may store passwords and other sensitive data in places other than properties files. You can implement the same scenario described above using an XML file, an environment variable, a registry location, or even a datasource such as an LDAP server or a database as a storage location for your encrypted data.

Another application would be to encrypt data before and after it is sent across a network. For example, you can encrypt an e-mail message before it is sent and decrypt it after it is received. Or, you could use the StringEncrypter to provide encryption for all transactions in a client/server application, or all messages sent to a messaging queue.



Javid Jamae is the president of Jamae Consulting, a software development and consulting firm that provides business, training, and development services to large and small companies.
Comment and Contribute

 

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 

Sitemap