Cryptography in the Database: The Last Line of Defense

Kevin Kenan

  • 出版商: Addison-Wesley Professional
  • 出版日期: 2005-10-29
  • 售價: $1,877
  • 貴賓價: 9.5$1,783
  • 語言: 英文
  • 頁數: 312
  • 裝訂: Paperback
  • ISBN: 0321320735
  • ISBN-13: 9780321320735

下單後立即進貨 (2~3週)

商品描述

Description

Protect Your Enterprise Data with Rock-Solid Database Encryption

If hackers compromise your critical information, the results can be catastrophic. You're under unprecedented pressure—from your customers, your partners, your stockholders, and now, the government—to keep your data secure. But what if hackers evade your sophisticated security mechanisms? When all else fails, you have one last powerful line of defense: database cryptography. In this book, a leading crypto expert at Symantec demonstrates exactly how to use encryption with your own enterprise databases and applications.

Kevin Kenan presents a start-to-finish blueprint and execution plan for designing and building—or selecting and integrating—a complete database cryptosystem. Kenan systematically shows how to eliminate weaknesses, overcome pitfalls, and defend against attacks that can compromise data even if it's been protected by strong encryption.

This book's 3,000 lines of downloadable code examples let you explore every component of a live database cryptosystem, including key vaults and managers, manifests, engines, and providers.

This book's coverage includes

  • Understanding your legal obligations to protect data

  • Constructing a realistic database security threat model and ensuring that you address critical threats

  • Designing robust database cryptographic infrastructure around today's most effective security patterns

  • Hardening your database security requirements

  • Classifying the sensitivity of your data

  • Writing database applications that interact securely with your cryptosystem

  • Avoiding the common vulnerabilities that compromise database applications

  • Managing cryptographic projects in your enterprise database environment

  • Testing, deploying, defending, and decommissioning secure database applications

Cryptography in the Database is an indispensable resource for every professional who must protect enterprise data: database architects, administrators, and developers; system and security analysts; and many others.

Table of Contents

Acknowledgments.

About the Author.

Preface.

I. DATABASE SECURITY.

 1: The Case for Database Security.

 2: Securing Databases with Cryptography.

II. A CRYPTOGRAPHIC INFRASTRUCTURE.

 3. An Overview of Cryptographic Infrastructure.

 4. Cryptographic Engines and Algorithms.

 5. Keys: Vaults, Manifests, and Managers.

 6. Cryptographic Providers and Consumers.

III. THE CRYPTOGRAPHIC PROJECT.

 7. Managing the Cryptographic Project.

 8. Requirements Hardening.

 9. Design Hardening.

10. Secure Development.

11. Testing.

12. Deployment, Defense, and Decommissioning.

IV. EXAMPLE CODE.

13. About the Examples.

14. A Key Vault.

15. The Manifest.

16. The Key Manager.

17. The Engine.

18. Receipts and Provider.

19. The Consumer.

20. Exceptions.

21. The System at Work.

Bibliography.

Glossary.

Index.