Cryptography in the Database: The Last Line of Defense

Kevin Kenan

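  • Publisher: Addison Wesley
  • Publication date: 2005-10-01
  • List price: $2,180
  • VIP price: 9.5 $2,071
  • Language: English
  • Pages: 312
  • Binding: Paperback
  • ISBN: 0321320735
  • ISBN-13: 9780321320735
  • Related categories: Databases, Information Security
  • Overseas special-order book (requires separate checkout)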

Product Description

Description

Protect Your Enterprise Data with Rock-Solid Database Encryption

If hackers compromise your critical information, the results can be catastrophic. You're under unprecedented pressure—from your customers, your partners, your stockholders, and now, the government—to keep your data secure. But what if hackers evade your sophisticated security mechanisms? When all else fails, you have one last powerful line of defense: database cryptography. In this book, a leading crypto expert at Symantec demonstrates exactly how to use encryption with your own enterprise databases and applications.

Kevin Kenan presents a start-to-finish blueprint and execution plan for designing and building—or selecting and integrating—a complete database cryptosystem. Kenan systematically shows how to eliminate weaknesses, overcome pitfalls, and defend against attacks that can compromise data even if it's been protected by strong encryption.

This book's 3,000 lines of downloadable code examples let you explore every component of a live database cryptosystem, including key vaults and managers, manifests, engines, and providers.

This book's coverage includes

  • Understanding your legal obligations to protect data

  • Constructing a realistic database security threat model and ensuring that you address critical threats

  • Designing robust database cryptographic infrastructure around today's most effective security patterns

  • Hardening your database security requirements

  • Classifying the sensitivity of your data

  • Writing database applications that interact securely with your cryptosystem

  • Avoiding the common vulnerabilities that compromise database applications

  • Managing cryptographic projects in your enterprise database environment

  • Testing, deploying, defending, and decommissioning secure database applications

Cryptography in the Database is an indispensable resource for every professional who must protect enterprise data: database architects, administrators, and developers; system and security analysts; and many others.

Table of Contents

Acknowledgments.

About the Author.

Preface.

I. DATABASE SECURITY.

 1. The Case for Database Security.

 2. Securing Databases with Cryptography.

II. A CRYPTOGRAPHIC INFRASTRUCTURE.

 3. An Overview of Cryptographic Infrastructure.

 4. Cryptographic Engines and Algorithms.

 5. Keys: Vaults, Manifests, and Managers.

 6. Cryptographic Providers and Consumers.

III. THE CRYPTOGRAPHIC PROJECT.

 7. Managing the Cryptographic Project.

 8. Requirements Hardening.

 9. Design Hardening.

10. Secure Development.

11. Testing.

12. Deployment, Defense, and Decommissioning.

IV. EXAMPLE CODE.

13. About the Examples.

14. A Key Vault.

15. The Manifest.

16. The Key Manager.

17. The Engine.

18. Receipts and Provider.

19. The Consumer.

20. Exceptions.

21. The System at Work.

Bibliography.

Glossary.

Index.
