If you’re writing healthcare apps in Java, take a look at Jasypt. Especially if you need to encrypt data in your databases. Here’s how the authors describe it:
Jasypt is a java library which allows the developer to add basic encryption capabilities to his/her projects with minimum effort, and without the need of having deep knowledge on how cryptography works.
- Provides easy encryption tools for little adoption effort.
- Also provides highly configurable standard encryption tools, for power-users.
- All encryption tools comply with encryption best practices and security recommendations. They are also thread-safe to avoid concurrency problems even in multi-threaded environments like web applications.
- Jasypt-hibernate provides a transparent mechanism for persisting data in an encrypted form using Hibernate.
- All encryption tools are designed to be easily integrable into IoC containers like the Spring Framework, although, of course, it can be used without one.
I haven’t had a chance to play with it yet, but I really like the hibernate library that allows transparent persistence of database fields. Most developers find that work depressingly difficult so security usually suffers but if Jasypt does its job perhaps we’ll get some more security without extra work.