IS481 Week 2 Lecture For BB

Database encryption protects sensitive data by encrypting information at the database level. This prevents access to cleartext data even if storage media is lost or breached. While database encryption provides advantages over encryption at other levels, risks still exist as certain privileged users and infected applications could potentially access decryption keys and decrypted data. Proper key management is also needed to balance accessibility and security, with different approaches involving single keys for the entire database, unique keys for each row, or a combination of methods.

Uploaded by

Grantham University

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

3K views

IS481 Week 2 Lecture For BB

Uploaded by

Grantham University

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 3

Overview

Databasescontainavarietyofsensitiveinformation.Thisinformationcaninclude
customers'personaldata,confidentialcompetitiveinformation,andintellectual
property.Theimpactoflostorstolendatacanresultinbranddamage,competitive
disadvantage,andfinesorlawsuits.Regulationsforprivacymandatesrequire
protectingdataatrestalongwiththedatabase.

DatabaseEncryption

Encryptionisasolutiontomakecaptureddataunreadablebyunauthorized
individuals.Optionsincludeencryptingdataattheapplicationlevel,thedatabase
level,orthestoragelevel.Storagelevelencryptionguardsagainstriskinthecase
wherestoragemediaarelost.Thisdoesnotprotectagainstmaliciousinsidersor
systemsinfectedbymalware.Applicationlevelencryptionprovidesthehighest
degreeofcontrol.Databaseencryptionprotectsdataatrestgoesfurtherthanstorage
levelencryptionwhileavoidingchangesintheapplicationlayer.
Withdatabaseencryptionineffect,onlyauthorizedapplicationscanaccess
decrypteddata.Theotherapplicationsandadministratorsseeencrypteddataonly.
Thatmeansdatacanremainprotectedevenintheeventofcertaindatabreaches
Therearestillrisksassociatedwithdatabaseencryption.Wemustconsiderthat
insidersandsystemadministratorscanaccessbothencrypteddataandencryption
keys.Inthiscasetheydohaveaccesstocleartextdata,unlesskeysaredeliberately
isolatedinadedicatedkeymanagementsystem.Superuserswithbroadaccess

rightscansubvertandpotentiallydisableencryptioncontrolsunlesssuitablechecks
andbalancesareputinplace.
Anotherissueisapplicationsthathavelegitimateaccessrightswhichareinfected
withmalwarecanstillaccessconfidentialdata.Multipledatabaseinstanceswill
typicallyrequireaccesstothesamekeys.Thiscanhaveanimpactonthecostsof
provisioningandrotatingkeysinacoordinatedfashion.Keylosscanrenderdata
unavailable,sincedecryptionwouldbeimpossible.

KeyManagement

Aproperkeymanagementsystembalancesthesimplicityofkeyaccessagainst
preventionofunauthorizedaccesstothekeys.
Thereareessentiallythreedifferenttypesofkeymanagement:
Asinglekeyfortheentiredatabase
Adifferentkeyforeachrowoftableswithencrypteddata
Acombinationapproach

UsingaSingleKey

Withthisapproach,asinglekeyisusedtoaccessanydatainthedatabase.The
biggestadvantageofusingasinglekeyisthattheencryption/decryptionroutines
willnotneedtoselectkeysfromtablesorstorethemeverytimearecordis
manipulatedinthebasetable.Theresultisthatperformanceisgenerallybetter
becauseofreducedCPUcyclesandI/Ooperations.Thebiggestdisadvantageofthis
approachisitsdependenceonasinglepointoffailure.Ifanintruderbreaksintothe
databaseanddeterminesthekey,theentiredatabasebecomesimmediately
vulnerable.Inaddition,ifyouwanttochangethekey,youwillneedtochangeall
oftherowsinallofthetables,whichmaybequiteanextensivetaskinalarge
database.

UsingaKeyforEachRow

Withthisapproach,adifferentkeyisusedforeachrowofatable.Thisapproachis
farmoresecurethanthesinglekeyapproach.Evenifathiefsucceedsinstealinga
key,onlyonerowwillbecompromised,nottheentiretableorthedatabase.There
aresomedisadvantagesofthisapproach:theproliferationofkeysmakesit
extremelydifficulttomanagethem.Also,becauseencryptionanddecryption
operationsneedtogenerateorretrieveadifferentkeyforeachrow,performance
willsuffer.

UsingaCombinedApproach

Theprosandconsofthetwooptionsdiscussedare:
Withtheonekeyapproach:
1. Thekeymanagementisextremelysimple.Thereisonlyonekeyto
managecreate,access,andbackup.
2. Thekeycanbeplacedinmanyplacesconvenientfortheapplicationsto
access.
3. Ontheotherhand,ifthekeyiseverstolen,theentiredatabasebecomes
vulnerable.
Withtheonekeyperrowapproach:
1. Thenumberofkeysequatestothenumberofrows,increasingthe
complexityofkeymanagementmoredatatobackup,morestorage,and
soon.
2. Ontheotherhand,ifasinglekeyisstolen,onlythatcorrespondingrowis
compromised,nottheentiredatabase.Thisaddstotheoverallsecurityof
thesystem.
Analternativeapproachcouldbetouseasinglekeypercolumn,wherethesame
keyappliestoalltherowsorakeypertableregardlessofthenumberofcolumns
orakeyperschemaandsoon.Thenumberofkeystobemanagedwoulddecrease
dramaticallywithanyoftheseapproaches,butofcoursethevulnerabilityofthe
datawouldincrease.

Solution - Session (NETWORK) From 2010-1-To 2018-2 - BT3 Information Technology
No ratings yet
Solution - Session (NETWORK) From 2010-1-To 2018-2 - BT3 Information Technology
64 pages
ExploringIBMDB2 EncryptionTechnology Marcin BasterIBM POLSKA
No ratings yet
ExploringIBMDB2 EncryptionTechnology Marcin BasterIBM POLSKA
84 pages
AZURE AZ 500 STUDY GUIDE-1: Microsoft Certified Associate Azure Security Engineer: Exam-AZ 500
From Everand
AZURE AZ 500 STUDY GUIDE-1: Microsoft Certified Associate Azure Security Engineer: Exam-AZ 500
Mamta Devi
No ratings yet
Computer Science Capstone Project: Course Description
No ratings yet
Computer Science Capstone Project: Course Description
7 pages
Integrated ORION Lite User Manual
100% (2)
Integrated ORION Lite User Manual
497 pages
Vender Registration Form 1
No ratings yet
Vender Registration Form 1
1 page
Database Security
No ratings yet
Database Security
16 pages
Types of Database Encryption
No ratings yet
Types of Database Encryption
10 pages
Database Sec
No ratings yet
Database Sec
27 pages
Ijctt V3i2p108
No ratings yet
Ijctt V3i2p108
5 pages
08-Data Encryption
No ratings yet
08-Data Encryption
26 pages
DBMS Presentation
No ratings yet
DBMS Presentation
17 pages
Types of Database Encryption Methods
No ratings yet
Types of Database Encryption Methods
6 pages
Database Encryption
100% (1)
Database Encryption
37 pages
Muneeswaran V Research Scholar
No ratings yet
Muneeswaran V Research Scholar
14 pages
Challenges and Ethical Issues in Artificial Intelligence
From Everand
Challenges and Ethical Issues in Artificial Intelligence
akosnemeth
No ratings yet
DB_LO5_v2
No ratings yet
DB_LO5_v2
80 pages
IT_11200220016_Srinjoy Das
No ratings yet
IT_11200220016_Srinjoy Das
13 pages
Laboratory 9 - Protecting Data by Encryption (1)
No ratings yet
Laboratory 9 - Protecting Data by Encryption (1)
7 pages
6. Encryption
No ratings yet
6. Encryption
30 pages
Database Security
No ratings yet
Database Security
26 pages
IT 11200220020 Snehashish Ghosh
No ratings yet
IT 11200220020 Snehashish Ghosh
13 pages
Understanding Database Security
No ratings yet
Understanding Database Security
8 pages
1034646
No ratings yet
1034646
8 pages
Encryption
No ratings yet
Encryption
18 pages
Databasesynopsis
No ratings yet
Databasesynopsis
15 pages
Encryption in SQL Server: By: Joe Kuemerle / @jkuemerle
No ratings yet
Encryption in SQL Server: By: Joe Kuemerle / @jkuemerle
16 pages
3.security and Encryption
No ratings yet
3.security and Encryption
19 pages
Database Security 1
No ratings yet
Database Security 1
4 pages
SQL Server Column Level Encryption Example Using Symmetric Keys
No ratings yet
SQL Server Column Level Encryption Example Using Symmetric Keys
8 pages
Info Sec
No ratings yet
Info Sec
6 pages
Need for database security
No ratings yet
Need for database security
4 pages
Database Security and Study of Data Encryption Met
No ratings yet
Database Security and Study of Data Encryption Met
3 pages
Atabase Ecurity: Ravindranath Kanaujia Amit Tukshetti Vikas Gupta & Deepak Prakash
No ratings yet
Atabase Ecurity: Ravindranath Kanaujia Amit Tukshetti Vikas Gupta & Deepak Prakash
14 pages
Data Encryption
No ratings yet
Data Encryption
17 pages
Lecture Database Security 2
No ratings yet
Lecture Database Security 2
23 pages
Databasesecurity 210519091013
No ratings yet
Databasesecurity 210519091013
21 pages
Database Security
No ratings yet
Database Security
19 pages
SS3 Data Processing Lesson Note First Term
100% (1)
SS3 Data Processing Lesson Note First Term
20 pages
19 DB Security
No ratings yet
19 DB Security
19 pages
DBPublishppr
No ratings yet
DBPublishppr
8 pages
CH- 7
No ratings yet
CH- 7
22 pages
Database Security Using Encryption
No ratings yet
Database Security Using Encryption
6 pages
GRADE 11 DP - Database Security
No ratings yet
GRADE 11 DP - Database Security
3 pages
Adb CH3
No ratings yet
Adb CH3
26 pages
Database Backup Encryption in SQL Server
No ratings yet
Database Backup Encryption in SQL Server
10 pages
Database Security
No ratings yet
Database Security
8 pages
DSM Assignment 1
No ratings yet
DSM Assignment 1
15 pages
Niversity: Abdul Majid Niazai
No ratings yet
Niversity: Abdul Majid Niazai
13 pages
Database Security Using Encryption
No ratings yet
Database Security Using Encryption
6 pages
Database Security: CSIT115 Data Management and Security
No ratings yet
Database Security: CSIT115 Data Management and Security
19 pages
Data Protection 101: A Beginner's Guide to Digital Security
From Everand
Data Protection 101: A Beginner's Guide to Digital Security
Neil King
No ratings yet
Lec 9 Database Security & Administration
No ratings yet
Lec 9 Database Security & Administration
42 pages
DBMS - Bba Unit 4
No ratings yet
DBMS - Bba Unit 4
16 pages
IS unit 3 notes
No ratings yet
IS unit 3 notes
21 pages
Database Security, Authorization, & Encryption: Sahil Bhagat
No ratings yet
Database Security, Authorization, & Encryption: Sahil Bhagat
32 pages
Database Security
No ratings yet
Database Security
18 pages
Security: Database Management System (CS/IT 4 Sem) Unit 8
No ratings yet
Security: Database Management System (CS/IT 4 Sem) Unit 8
5 pages
Cloud Computing: The Untold Origins of Cloud Computing (Manipulation, Configuring and Accessing the Applications Online)
From Everand
Cloud Computing: The Untold Origins of Cloud Computing (Manipulation, Configuring and Accessing the Applications Online)
William Cormier
No ratings yet
Unit 8 Security
No ratings yet
Unit 8 Security
34 pages
Chapter Seven
No ratings yet
Chapter Seven
12 pages
Database Integrity and Security Concepts
No ratings yet
Database Integrity and Security Concepts
6 pages
CH 7 Advanced DB
No ratings yet
CH 7 Advanced DB
12 pages
Crypt DB
100% (1)
Crypt DB
28 pages
AC340 Accounting Systems I
No ratings yet
AC340 Accounting Systems I
10 pages
LD550 Syllabus
0% (1)
LD550 Syllabus
11 pages
ACC210 Syllabus
0% (1)
ACC210 Syllabus
10 pages
Intermediate Accounting I: Required Text
No ratings yet
Intermediate Accounting I: Required Text
9 pages
Lists: Web Development I - Page Content Elements
No ratings yet
Lists: Web Development I - Page Content Elements
4 pages
GU299 Syllabus
No ratings yet
GU299 Syllabus
10 pages
CS285 Syllabus
No ratings yet
CS285 Syllabus
6 pages
Political Conflicts Case Study A Look at The Political Polarity in The United States of America
No ratings yet
Political Conflicts Case Study A Look at The Political Polarity in The United States of America
2 pages
Lesson Five Annual Worth Analysis: Formulas
No ratings yet
Lesson Five Annual Worth Analysis: Formulas
2 pages
IS301 W4 Lecture
No ratings yet
IS301 W4 Lecture
6 pages
IS499 Final Project
No ratings yet
IS499 Final Project
6 pages
Political Conflicts America: Cultures in Conflict Week 7 Case Study
No ratings yet
Political Conflicts America: Cultures in Conflict Week 7 Case Study
2 pages
IS301 Discussion Preview
No ratings yet
IS301 Discussion Preview
2 pages
EMT320 W3 Getting Started
No ratings yet
EMT320 W3 Getting Started
3 pages
Gender Conflicts Allow It A Look at The Israeli Experience
No ratings yet
Gender Conflicts Allow It A Look at The Israeli Experience
3 pages
Web Design I: Course Description
No ratings yet
Web Design I: Course Description
7 pages
Part A: Introductions: W1: Introductions and Initial Status Report
No ratings yet
Part A: Introductions: W1: Introductions and Initial Status Report
3 pages
Cultures in Conflict: Course Description
No ratings yet
Cultures in Conflict: Course Description
10 pages
Chapter 6 Rate of Return Analysis: ROR Calculation
No ratings yet
Chapter 6 Rate of Return Analysis: ROR Calculation
5 pages
Chapter 8 Breakeven, Sensitivity, and Payback Analysis
No ratings yet
Chapter 8 Breakeven, Sensitivity, and Payback Analysis
5 pages
Benefit/Cost Analysis and Public Sector Projects
No ratings yet
Benefit/Cost Analysis and Public Sector Projects
4 pages
Weekly Overview: Week 2: Week 2: How Time and Interest Affect Money
No ratings yet
Weekly Overview: Week 2: Week 2: How Time and Interest Affect Money
4 pages
EMT320 W8 Getting Started
No ratings yet
EMT320 W8 Getting Started
1 page
Lesson Four Present Worth Analysis
No ratings yet
Lesson Four Present Worth Analysis
5 pages
Weekly Overview: Week 7: Week 7: Cost Benefit Analysis and Public Sector Projects
No ratings yet
Weekly Overview: Week 7: Week 7: Cost Benefit Analysis and Public Sector Projects
3 pages
Weekly Overview: Week 4: Week 4: Present Worth Analysis
No ratings yet
Weekly Overview: Week 4: Week 4: Present Worth Analysis
3 pages
EMT320 W2 Getting Started
No ratings yet
EMT320 W2 Getting Started
3 pages
ED250 Syllabus
No ratings yet
ED250 Syllabus
6 pages
Kho Vs Macalintal
No ratings yet
Kho Vs Macalintal
4 pages
Supreme Court Judgment On VLOO ARUN
No ratings yet
Supreme Court Judgment On VLOO ARUN
16 pages
Metro Lagos: Upgrade
No ratings yet
Metro Lagos: Upgrade
60 pages
KAR0050293
No ratings yet
KAR0050293
1 page
MBA06070 VinayJaju AsianPaints
No ratings yet
MBA06070 VinayJaju AsianPaints
15 pages
Uber Self-Driving Vehicle Strikes, Kills Pedestrian: Putin'S Dilemma
No ratings yet
Uber Self-Driving Vehicle Strikes, Kills Pedestrian: Putin'S Dilemma
32 pages
Concepcion Sitrep TD Odette - 10 PM - 15 December 2021
No ratings yet
Concepcion Sitrep TD Odette - 10 PM - 15 December 2021
5 pages
Philippine National Police, Police Regional Office 1
No ratings yet
Philippine National Police, Police Regional Office 1
4 pages
15 Nader An Affective
No ratings yet
15 Nader An Affective
26 pages
Criminal Record Certificate: Sarita Maharjan
No ratings yet
Criminal Record Certificate: Sarita Maharjan
2 pages
Week 5 Take Home Assignment Questions-Semester 1 2024-3 Jaime Durkin
No ratings yet
Week 5 Take Home Assignment Questions-Semester 1 2024-3 Jaime Durkin
13 pages
Swun Math 3rd Grade Homework
100% (2)
Swun Math 3rd Grade Homework
5 pages
Batch-53-final-result-winter21-converted
No ratings yet
Batch-53-final-result-winter21-converted
3 pages
Annexure-3 To Addendum-5
No ratings yet
Annexure-3 To Addendum-5
1 page
ANSI_AISC 341-16 Chapter J
No ratings yet
ANSI_AISC 341-16 Chapter J
11 pages
20210809 - Hai - TiengAnh - NhaTruong - 8A-2 PRACTICE 9 TUẦN 2
No ratings yet
20210809 - Hai - TiengAnh - NhaTruong - 8A-2 PRACTICE 9 TUẦN 2
5 pages
Courage For The Difficult Tasks PDF
No ratings yet
Courage For The Difficult Tasks PDF
2 pages
Sandeep Resume
No ratings yet
Sandeep Resume
4 pages
Bes Kinder Souvenir 2022
No ratings yet
Bes Kinder Souvenir 2022
53 pages
Bsme-2e - Paja - Sts-Module 4 - The Good Life
100% (4)
Bsme-2e - Paja - Sts-Module 4 - The Good Life
13 pages
Casual Slaughters and Accidental Judgments Canadian War Crimes Prosecutions 1944 1948 1st Edition Patrick Brode pdf download
100% (1)
Casual Slaughters and Accidental Judgments Canadian War Crimes Prosecutions 1944 1948 1st Edition Patrick Brode pdf download
61 pages
Flaws
No ratings yet
Flaws
8 pages
Project
No ratings yet
Project
1 page
CTIA v2 Exam Blueprint
No ratings yet
CTIA v2 Exam Blueprint
4 pages
Research On Academic Performance of Bsa Students of SSC
100% (1)
Research On Academic Performance of Bsa Students of SSC
7 pages
Law of Labour Safty and Hygiene in Mongolia
No ratings yet
Law of Labour Safty and Hygiene in Mongolia
14 pages
The Rosary Prayer 3.11
No ratings yet
The Rosary Prayer 3.11
3 pages

IS481 Week 2 Lecture For BB

Uploaded by

IS481 Week 2 Lecture For BB

Uploaded by

Overview

You might also like