相關主題
商品描述
This in-depth look at the encryption tools available in SQL Server shows you how to protect data by encrypting it at rest with Transparent Data Encryption (TDE) and in transit with Transport Level Security (TLS). You will know how to add the highest levels of protection for sensitive data using Always Encrypted to encrypt data also in memory and be protected even from users with the highest levels of access to the database. The book demonstrates actions you can take today to start protecting your data without changing any code in your applications, and the steps you can subsequently take to modify your applications to support implementing a gold standard in data protection.
The book highlights work that Microsoft has been doing since 2016 to make encryption more accessible, by making TDE available in the standard edition, and the introduction of Always Encrypted that requires minimal work on your part to implement powerful and effective encryption, protecting your data and meeting regulatory requirements. The book teaches you how to work with the encryption technologies in SQL Server with the express goal of helping you understand those technologies on an intuitive level. You'll come away with a deep level of understanding that allows you to answer questions and speak as an expert. The book's aim is to make you as comfortable in deploying encryption in SQL Server as you would be in driving your car to buy groceries.
Those with a data security mindset will appreciate the discussion of how each feature protects you and what it protects you from, as well as how to implement things in the most secure manner. Database administrators will appreciate the high level of detail around managing encryption over time and the effect of encryption on database performance. All readers will appreciate the advice on how to avoid common pitfalls, ensuring that your projects to implement encryption run smoothly.
What You Will Learn
- Architect an effective encryption strategy for new applications
- Retrofit encryption into your existing applications
- Encrypt data at rest, in memory, and in transit
- Manage key and certificate life cycles, including backup and restore
- Recover encrypted databases in case of server failure
- Work with encryption in cloud-based scenarios
Database developers, architects, and administrators who want to work with encryption in SQL Server; those who want to maintain encryption whether data is at rest or being transmitted over the network; and those who wish to encrypt their data even when in the server's own memory. Readers should be familiar with SQL Server, but no existing knowledge of encryption is assumed.
商品描述(中文翻譯)
這本書深入探討了 SQL Server 中可用的加密工具,教導讀者如何通過透明數據加密(TDE)在靜態狀態下保護數據,以及通過傳輸層安全性(TLS)在傳輸過程中保護數據。您將學習如何使用 Always Encrypted 在記憶體中加密數據,並保護數據免受具有最高級別數據庫訪問權限的用戶的侵害,從而為敏感數據添加最高級別的保護。本書展示了您可以立即採取的行動,以在不更改應用程式中的任何代碼的情況下開始保護數據,以及您可以隨後採取的步驟,以修改應用程式以支援實施數據保護的黃金標準。
本書強調了自 2016 年以來 Microsoft 在使加密更易於使用方面所做的工作,包括在標準版中提供 TDE,以及引入 Always Encrypted,這需要您進行最少的工作來實施強大而有效的加密,保護您的數據並滿足監管要求。本書教導您如何使用 SQL Server 中的加密技術,旨在幫助您在直觀的水平上理解這些技術。您將深入了解,能夠回答問題並以專家的身份談論這些技術。本書的目標是使您在部署 SQL Server 中的加密方面感到舒適,就像開車去買食品一樣。
具有數據安全意識的讀者將欣賞到每個功能如何保護您以及它保護您免受什麼樣的威脅的討論,以及如何以最安全的方式實施這些功能。數據庫管理員將欣賞到關於長期管理加密和加密對數據庫性能的影響的高度詳細信息。所有讀者都將受益於如何避免常見問題的建議,確保您實施加密的項目順利進行。
您將學到以下內容:
- 為新應用程式設計一個有效的加密策略
- 將加密後的功能添加到現有應用程式中
- 在靜態狀態、記憶體中和傳輸過程中加密數據
- 管理金鑰和證書的生命週期,包括備份和還原
- 在伺服器故障的情況下恢復加密的資料庫
- 在基於雲的場景中使用加密
本書適合以下讀者:
- 想要在 SQL Server 中使用加密的資料庫開發人員、架構師和管理員
- 希望在數據處於靜態狀態或在網絡上傳輸時保持加密的讀者
- 希望在伺服器自身記憶體中加密數據的讀者
- 讀者應該熟悉 SQL Server,但不需要對加密有任何現有知識。
作者簡介
作者簡介(中文翻譯)
Matthew McGiffen是一位資料架構師,擁有超過20年的SQL Server和相關技術的工作經驗。Matthew還有機會在加密技術的最新改進開發期間與Microsoft合作。他是一個關於SQL Server的熱門部落格作者,並為SQL Server Central撰寫文章。在閒暇時間,Matthew是一位業餘的國際象棋玩家和鋼琴家。