עידו רוזן (Ido Rosen) > Crypt-ProtectedString-0.00_01 > Crypt::ProtectedString

Download:
Crypt-ProtectedString-0.00_01.tar.gz

Dependencies

Annotate this POD

Module Version: 0.00_01   Source  

NAME ^

Crypt::ProtectedString - protected format for storing sensitive data in databases, with partial display capability.

SYNOPSIS ^

I apologize for the lack of documentation at this stage. The module is still in pre-alpha development. Please bear with me.

DESCRIPTION ^

This module provides the ability to display, encrypt, decrypt, and parse sensitive data, such as credit card numbers. It is intended for use with data that may need to be encrypted and partially displayed someplace (such as the last four digits of a credit card number on a user's account page on a web server), but must not be fully revealed (decrypted) anywhere except where absolutely necessary (such as the full credit card number to the credit card payment processing code). This module is merely a framework for such a protected format. The actual encryption and decryption (and security) must be implemented by the module user, in the form of plugins.

DISCLAIMER ^

THE AUTHOR MAKES NO PROMISE OF ANY KIND FOR THIS CODE. It should not be used to store sensitive data in a production environment as it is not yet complete.

Or, to put it more explicitly, in legalese:

Author makes no warranties of any kind, expressed or implied, for this Perl module. Author disclaims any warranty or merchantability of fitness for a particular purpose. If you use this code and/or Perl module, you agree to indemnify, protect, defend, save and hold harmless Contractor against any damages suffered from operation or malfunction of your application, product, website, or any other object relying on this code, including loss of data, merchandise, valuables, financial records, cash, and any fees incurred by said operation or malfunction. Author will not be held responsible for any damages users may suffer for any incidental, actual or real damages.

ACKNOWLEDGEMENTS ^

This module was inspired by Steve Friedl's ``A Proposal for Secure Storage of Credit Card Data'' (http://www.unixwiz.net/techtips/secure-cc.html). The plugin code used was inspired by (and is almost identical to) Jonathan Rockway's Angerwhale (http://www.jrock.us/trac/blog_software) formatting system.

SEE ALSO ^

The ``Base'' example plugin for encryption/decryption using Crypt::RSA is worth looking at, but you should make your own plugin to handle the various types of strings (credit card numbers, passwords, whatever...) and place them in the plugin search path, or subclass this and add to the search path.

You may contact me via e-mail, though I can not promise I will respond quickly.

AUTHOR ^

Ido Rosen, <ido AT cpan DOT org>

If you wish to submit patches / help develop this module further, you are welcome to do so by contacting the author.

COPYRIGHT AND LICENSE ^

Copyright (C) 2006 by Ido Rosen

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, or under the BSD license.

syntax highlighting: