Scribd Logo
Upload

Welcome to Scribd!

  • IS481 Week 2 Lecture For BB

    Uploaded by

    Grantham University
    3K views3 pages
    IS481 Week 2 Lecture

    Original Title

    IS481Week2LectureForBB.docx

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    IS481 Week 2 Lecture

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    3K views3 pages

    IS481 Week 2 Lecture For BB

    Uploaded by

    Grantham University
    IS481 Week 2 Lecture

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 3

    Overview

    Databasescontainavarietyofsensitiveinformation.Thisinformationcaninclude
    customers'personaldata,confidentialcompetitiveinformation,andintellectual
    property.Theimpactoflostorstolendatacanresultinbranddamage,competitive
    disadvantage,andfinesorlawsuits.Regulationsforprivacymandatesrequire
    protectingdataatrestalongwiththedatabase.

    DatabaseEncryption

    Encryptionisasolutiontomakecaptureddataunreadablebyunauthorized
    individuals.Optionsincludeencryptingdataattheapplicationlevel,thedatabase
    level,orthestoragelevel.Storagelevelencryptionguardsagainstriskinthecase
    wherestoragemediaarelost.Thisdoesnotprotectagainstmaliciousinsidersor
    systemsinfectedbymalware.Applicationlevelencryptionprovidesthehighest
    degreeofcontrol.Databaseencryptionprotectsdataatrestgoesfurtherthanstorage
    levelencryptionwhileavoidingchangesintheapplicationlayer.
    Withdatabaseencryptionineffect,onlyauthorizedapplicationscanaccess
    decrypteddata.Theotherapplicationsandadministratorsseeencrypteddataonly.
    Thatmeansdatacanremainprotectedevenintheeventofcertaindatabreaches
    Therearestillrisksassociatedwithdatabaseencryption.Wemustconsiderthat
    insidersandsystemadministratorscanaccessbothencrypteddataandencryption
    keys.Inthiscasetheydohaveaccesstocleartextdata,unlesskeysaredeliberately
    isolatedinadedicatedkeymanagementsystem.Superuserswithbroadaccess

    rightscansubvertandpotentiallydisableencryptioncontrolsunlesssuitablechecks
    andbalancesareputinplace.
    Anotherissueisapplicationsthathavelegitimateaccessrightswhichareinfected
    withmalwarecanstillaccessconfidentialdata.Multipledatabaseinstanceswill
    typicallyrequireaccesstothesamekeys.Thiscanhaveanimpactonthecostsof
    provisioningandrotatingkeysinacoordinatedfashion.Keylosscanrenderdata
    unavailable,sincedecryptionwouldbeimpossible.

    KeyManagement

    Aproperkeymanagementsystembalancesthesimplicityofkeyaccessagainst
    preventionofunauthorizedaccesstothekeys.
    Thereareessentiallythreedifferenttypesofkeymanagement:
    Asinglekeyfortheentiredatabase
    Adifferentkeyforeachrowoftableswithencrypteddata
    Acombinationapproach

    UsingaSingleKey

    Withthisapproach,asinglekeyisusedtoaccessanydatainthedatabase.The
    biggestadvantageofusingasinglekeyisthattheencryption/decryptionroutines
    willnotneedtoselectkeysfromtablesorstorethemeverytimearecordis
    manipulatedinthebasetable.Theresultisthatperformanceisgenerallybetter
    becauseofreducedCPUcyclesandI/Ooperations.Thebiggestdisadvantageofthis
    approachisitsdependenceonasinglepointoffailure.Ifanintruderbreaksintothe
    databaseanddeterminesthekey,theentiredatabasebecomesimmediately
    vulnerable.Inaddition,ifyouwanttochangethekey,youwillneedtochangeall
    oftherowsinallofthetables,whichmaybequiteanextensivetaskinalarge
    database.

    UsingaKeyforEachRow

    Withthisapproach,adifferentkeyisusedforeachrowofatable.Thisapproachis
    farmoresecurethanthesinglekeyapproach.Evenifathiefsucceedsinstealinga
    key,onlyonerowwillbecompromised,nottheentiretableorthedatabase.There
    aresomedisadvantagesofthisapproach:theproliferationofkeysmakesit
    extremelydifficulttomanagethem.Also,becauseencryptionanddecryption
    operationsneedtogenerateorretrieveadifferentkeyforeachrow,performance
    willsuffer.

    UsingaCombinedApproach

    Theprosandconsofthetwooptionsdiscussedare:
    Withtheonekeyapproach:
    1. Thekeymanagementisextremelysimple.Thereisonlyonekeyto
    managecreate,access,andbackup.
    2. Thekeycanbeplacedinmanyplacesconvenientfortheapplicationsto
    access.
    3. Ontheotherhand,ifthekeyiseverstolen,theentiredatabasebecomes
    vulnerable.
    Withtheonekeyperrowapproach:
    1. Thenumberofkeysequatestothenumberofrows,increasingthe
    complexityofkeymanagementmoredatatobackup,morestorage,and
    soon.
    2. Ontheotherhand,ifasinglekeyisstolen,onlythatcorrespondingrowis
    compromised,nottheentiredatabase.Thisaddstotheoverallsecurityof
    thesystem.
    Analternativeapproachcouldbetouseasinglekeypercolumn,wherethesame
    keyappliestoalltherowsorakeypertableregardlessofthenumberofcolumns
    orakeyperschemaandsoon.Thenumberofkeystobemanagedwoulddecrease
    dramaticallywithanyoftheseapproaches,butofcoursethevulnerabilityofthe
    datawouldincrease.

    You might also like