I am currently developing a ColdFusion application on version
8. As fas as security as concerned, I am thinking of encrypting
select form data before storing them into the database. A brief
explanation would be as follows;
User SUBMIT form data -> CFINSERT, Encrypt() and store in
database -> User requests data CFQUERY -> Decrypt() and
Algorithm used is AES and the key will be stored in the
database when the user first registers to use the application.
Assuming a page hit of 1000 hits/minute (equally both
submission and query page), will there be a trade-off between
security and performance? Will this method be secure enough?
Do comment and give ideas. I am also searching for a