I was wondering if there is a secure way to store SSNs in a database. I read the link here http://www.experts-exchange.com/Security/Encryption/Q_23588749.html
but it's pretty much stops when I don't want it to! Here's the environment I will be using: I have a popular database within which I need to store the SSNs. I plan to access it through PHP, Java and ASP .NET over an internal network. Hashes won't do as I need the SSNs. Because of the multiple ways to access data - I would prefer the database itself to handle authentication, encryption and decryption. Here are some of my thoughts:
1. salting the SSN
2. performing encryption and decryption using user defined DB functions
3. A user will always be logged in to access this - session info can be used to add security
4. does the use of BLOBs provide any advantage?
Just wondering if there are any additional comments or thoughts on this subject. Thanks guys.