Pro Encryption in SQL Server 2022: Provide the Highest Level of Protection for Your Data
暫譯: SQL Server 2022 專業加密:為您的數據提供最高級別的保護
McGiffen, Matthew
商品描述
This in-depth look at the encryption tools available in SQL Server shows you how to protect data by encrypting it at rest with Transparent Data Encryption (TDE) and in transit with Transport Level Security (TLS). You will know how to add the highest levels of protection for sensitive data using Always Encrypted to encrypt data also in memory and be protected even from users with the highest levels of access to the database. The book demonstrates actions you can take today to start protecting your data without changing any code in your applications, and the steps you can subsequently take to modify your applications to support implementing a gold standard in data protection.
The book highlights work that Microsoft has been doing since 2016 to make encryption more accessible, by making TDE available in the standard edition, and the introduction of Always Encrypted that requires minimal work on your part to implement powerful and effective encryption, protecting your data and meeting regulatory requirements. The book teaches you how to work with the encryption technologies in SQL Server with the express goal of helping you understand those technologies on an intuitive level. You'll come away with a deep level of understanding that allows you to answer questions and speak as an expert. The book's aim is to make you as comfortable in deploying encryption in SQL Server as you would be in driving your car to buy groceries.
Those with a data security mindset will appreciate the discussion of how each feature protects you and what it protects you from, as well as how to implement things in the most secure manner. Database administrators will appreciate the high level of detail around managing encryption over time and the effect of encryption on database performance. All readers will appreciate the advice on how to avoid common pitfalls, ensuring that your projects to implement encryption run smoothly.
What You Will Learn
- Architect an effective encryption strategy for new applications
- Retrofit encryption into your existing applications
- Encrypt data at rest, in memory, and in transit
- Manage key and certificate life cycles, including backup and restore
- Recover encrypted databases in case of server failure
- Work with encryption in cloud-based scenarios
Database developers, architects, and administrators who want to work with encryption in SQL Server; those who want to maintain encryption whether data is at rest or being transmitted over the network; and those who wish to encrypt their data even when in the server's own memory. Readers should be familiar with SQL Server, but no existing knowledge of encryption is assumed.
商品描述(中文翻譯)
這本深入探討 SQL Server 中可用的加密工具的書,向您展示如何通過使用透明數據加密(Transparent Data Encryption, TDE)來保護靜態數據,以及通過傳輸層安全性(Transport Level Security, TLS)來保護傳輸中的數據。您將了解如何使用始終加密(Always Encrypted)為敏感數據提供最高級別的保護,這樣即使是對數據庫擁有最高訪問權限的用戶也無法訪問內存中的加密數據。這本書展示了您今天可以採取的行動,以開始保護您的數據,而無需更改應用程序中的任何代碼,並且隨後您可以採取的步驟,以修改您的應用程序以支持實施數據保護的金標準。
本書強調了微軟自 2016 年以來所做的工作,使加密變得更易於訪問,包括在標準版中提供 TDE,以及引入始終加密,這需要您最小的工作量來實施強大而有效的加密,保護您的數據並滿足監管要求。本書教您如何使用 SQL Server 中的加密技術,目的是幫助您在直觀層面上理解這些技術。您將深入理解,能夠回答問題並以專家的身份發言。本書的目標是讓您在 SQL Server 中部署加密時感到與開車去買雜貨一樣輕鬆。
擁有數據安全思維的人將會欣賞每個功能如何保護您以及保護您免受什麼威脅的討論,以及如何以最安全的方式實施這些功能。數據庫管理員將會欣賞有關隨時間管理加密的高詳細程度,以及加密對數據庫性能的影響。所有讀者都會欣賞如何避免常見陷阱的建議,確保您實施加密的項目順利進行。
您將學到什麼
- 為新應用程序設計有效的加密策略
- 將加密功能添加到現有應用程序中
- 加密靜態數據、內存中的數據和傳輸中的數據
- 管理密鑰和證書的生命週期,包括備份和恢復
- 在伺服器故障的情況下恢復加密數據庫
- 在雲端場景中使用加密
本書適合誰
本書適合希望在 SQL Server 中使用加密的數據庫開發人員、架構師和管理員;希望無論數據是靜態還是通過網絡傳輸都能維持加密的人;以及希望在伺服器自身內存中也能加密數據的人。讀者應該熟悉 SQL Server,但不需要具備現有的加密知識。
作者簡介
作者簡介(中文翻譯)
馬修·麥基芬是一位資料架構師,擁有超過20年的SQL Server及相關技術的工作經驗。馬修也有機會與微軟合作,參與一些最新加密技術的開發。他是關於SQL Server的熱門部落格的作者,並為SQL Server Central撰寫過文章。在空閒時間,馬修是一位業餘棋手和鋼琴家。
