Blue Oasis Technologies, Inc 2005

Data Security - Encryption Strategies for Data at Rest
Protecting Enterprise DBMS Data




Presenter Background
• Michael McGrattan - CISSP, PMP, OCP
  – Director of Data Management
  – Blue Oasis Technologies
• 12 years of Information Technology experience
  – Data Management
  – Information Security
  – Corporate Compliance
• Currently working on Sarbanes-Oxley IT General Computer Control (Section 404) compliance with a Fortune 500 company.


Presentation Overview
• Electronic Data
  – Structured (predetermined data types and understood relationships - i.e. data stored and managed by a DBMS)
  – Unstructured (no conceptual definition and no data type definition – i.e. data stored in a document or email message)
• Primary States
  – “Data at Rest” – persistent data residing on storage media
    • Desktops/Laptops
    • Email servers
    • File servers
    • Database Management Systems (DBMS)
  – “Data in Transit” – data moving across the network
    • Within the Data Center
    • Within the internal Corporate network
    • External to the Corporate network
• What are we going to discuss today?
  – Encrypting structured “Data at Rest” in enterprise DBMS


PART 1
Database Encryption Architectures


Business Drivers
• Current State, Federal, and Industry Legislation
  – California Senate Bill No. 1386 (SB1386)
  – Health Insurance Portability and Accountability Act (HIPAA)
  – Gramm-Leach-Bliley Act (GLBA)
  – Visa's Cardholder Information Security Program (CISP)
  – PCI Data Security Standard
• Future Legislation
  – S.1350 – “Notification of Risk to Personal Data Act”
• Corporate Policies
• Defense in Depth Programs
• Segregation of Duties


Primary Objectives
• Ensure confidentiality of data
• Minimize performance and operational impacts
• Maximize application transparency


Breaches in Data Security
• Hacking
  – DSW - Database breach – 1.4 million credit card transactions
  – CardSystems – Database breach – 40 million credit card customers
• Cons and Scams
  – BofA - Insider information – 676,000 bank customers
  – ChoicePoint – Imposters – 145,000 financial accounts
• Lack of Care
  – CitiFinancial - Lost parcel of tapes – 3.9 million customers
• Stolen Hardware
  – UC Berkeley - Stolen laptop – 98,400 graduate students
  – Time Warner – Stolen backup tapes – 600,000 employees
  – MCI – Stolen laptop – 16,500 employees
• * Personally
  – Undergraduate College – disclosure of SSN and personal info
  – LexisNexis – disclosure of SSN and personal info


Encryption Architecture Overviews
• Essential to categorize architectures
  – Clarifies market solutions
  – Different technical, operational, and procedural issues
  – Enforces understanding for all stake-holders
• Categorization criteria for today’s discussion
  – “Initiation point of cryptography processing”
• 3 Categories of Architectures
  – Application
  – Database (DBMS)
  – Operating System


Application Encryption Architectures
• “Initiation point” at application layer
• Advantages
  – Addresses wide-range of confidentiality threats
  – Granular encryption control
• Disadvantages
  – Not application transparent
  – Inability to support all “touch points”

[Diagram: layered stack (APP LAYER, DB LAYER, OS LAYER) with Crypto Services and Crypto API boxes; cryptography is initiated at the application layer]


Database Encryption Architectures
• “Initiation point” at database layer
• Advantages
  – Degree of application transparency
  – Centralization of encryption processing
  – Potential to support all “touch points”
• Disadvantages
  – Performance impacts
  – Disparate DBMS support

[Diagram: layered stack (APP LAYER, DB LAYER, OS LAYER) with Crypto Services and Extended Procs boxes; cryptography is initiated at the database layer]


OS Encryption Architectures
• “Initiation point” at operating system layer
• Advantages
  – Application transparent
  – Supports all “touch points”
• Disadvantages
  – Reliance on the DBMS procedural controls to protect data
  – Limited “Segregation of Duties” options at database layer

[Diagram: layered stack (APP LAYER, DB LAYER, OS LAYER) with Crypto Services and I/O Sub-system boxes; cryptography is initiated at the operating system layer]


Risk
• Risk is a function of the likelihood of a given perpetrator(s) exercising a particular potential vulnerability and the resulting impact of that adverse event on the organization [1]
• “Likelihood” and “Impact” often difficult to quantify
• Threats are always present, but vulnerabilities are flaws or weaknesses that make a threat more likely to be successful or have a significant impact
• Minimally, qualitative analysis can be used to assess threats and associated vulnerabilities
• Quantitative analysis more challenging in absence of relevant statistical data

[1] NIST Risk Management Guide for Information Technology Systems


DBMS Confidentiality Threats

THREATS*
Direct database access by administration accounts
Direct database access by security accounts
Direct database access by user accounts
Direct database access by application accounts
Direct database access by business process accounts
Theft of database backups or backup media
Operating System exploits
DBMS exploits
Application or business process exploits
Application access by application users
Theft of physical computer system
Theft of database data files

[Table: each threat is marked with an X under the architecture (APP, DB, OS) that addresses it. Only the column totals survived extraction: APP 10 of the 12 threats, DB 10 of 12, OS 4 of 12; the row-by-row marks are not recoverable here.]

* Does not include potential threats once the data has left the management structure of the DBMS


Current Market Place
• Two main categories of solutions
  – Encryption toolkits and API’s
  – Packaged Encryption Solutions
• Players in the market place
  – DBMS Vendors
  – Commercial Application Vendors
  – Application Platforms
  – Security Vendors


Product Evaluation Criteria
• Vendor Support - The compatibility of the vendor solution with the application, database, and operating system platforms and versions of the enterprise computing environment.
• Access Controls - The mechanisms and granularity of control the solution provides with respect to segregation of duties and existing access controls.
• Key Management - The protocols and controls surrounding the storage, maintenance, and retrieval of encryption keys.
• Management Console - The user interface for administering and managing the encryption solutions.
• Cryptography - The compatibility of the solution’s cryptography standards with those defined by the organization’s security policies.


Product Evaluation Criteria (cont.)
• Remote Administration - The remote administration capabilities of the encryption solution.
• Application Transparency - The aspects of the encryption architecture that would require the customization of existing applications and business processes to integrate with the solution.
• Performance Impact - The performance impact of the encryption solution on application, database, and system resources.
• Database Administration - The configuration, management, and operational impact of the encryption solution on the database administration teams.
• Cost - The license, support, implementation, and maintenance costs associated with the encryption solution.


Application Centric Solutions
• Eruces Tricryption Engine
  – www.eruces.com
  – Segregation of processing components
  – Extensible storage solution of encryption keys
• nCipher
  – www.ncipher.com
  – Language agnostic XML interface for crypto processing
  – Segregated HSM
• RSA BSafe
  – www.rsa.com
  – Well-respected security vendor
  – ClearTrust management interface


Database Centric Solutions
• Application Security DBEncrypt
  – www.appsecinc.com
  – Ease of use
• IBM Data Encryption for IMS and DB2
  – www.ibm.com
  – Hybrid Database/OS centric solution
• Oracle DBMS_CRYPTO
  – www.oracle.com
  – Enhancements from 9i DBMS_OBFUSCATION_TOOLKIT
• Protegrity Secure.Data
  – www.protegrity.com
  – Recently back in the market place
• Sybase and SQL Server
  – www.sybase.com
  – www.microsoft.com


OS Centric Solutions
• Vormetric CoreGuard
  – www.vormetric.com
  – Application and database transparency


Alternatives to Encryption
• Start with the obvious AND THEN justify need!!!
  – Implementing database encryption solutions non-trivial
  – Numerous “house keeping” measures should be addressed first
• Reduce unnecessary propagation of sensitive data assets
  – Identify sensitive data assets
  – Identify all “touch points”
  – Identify all process flaws
  – Focus and resolve unnecessary propagation
• Enforce strict database procedural controls
  – Principle of least privilege
  – Strict authentication, authorization, access restrictions


PART 2
A Deeper Look at the Mechanics of Database Encryption


Database Centric Solution
• Application Security DBEncrypt
  – www.appsecinc.com
  – Version 2.1
  – SQL Server 2000
  – Windows 2000
• Test will include encrypting sample ‘TEST_TABLE’ elements

    create table TEST_TABLE
      (id           integer       null,
       col_integer  integer       null,
       col_numeric  numeric(10,2) null,
       col_char     char(40)      null,
       col_varchar  varchar(40)   null,
       col_datetime datetime      null)


Encryption Setup
• When DBEncrypt encrypts a table column, a series of related database objects are created
  – Recreates original table and changes name to ‘<table_name>_base’
  – Column datatype for encrypted column changed to accommodate the encrypted value
  – 2 views created: ‘<table_name>’ and ‘<table_name>_dbe’
  – ‘<table_name>’ view simply references ‘<table_name>_dbe’ view
  – ‘<table_name>_dbe’ view responsible for making necessary procedure calls to decrypt encrypted column data
  – View is the key to the application transparency!! - The fact that the original table ‘<table_name>’ is now a view is transparent to existing SQL logic so long as the view ‘<table_name>’ supports necessary DML (Data Manipulation Language) operations INSERT, UPDATE, SELECT, and DELETE
  – Ability to handle DML operations accomplished via ‘Instead of Triggers’ ‘<table_name>_dbe_ins_trg’, ‘<table_name>_dbe_upd_trg’
  – SELECT and DELETE operations do not require explicit trigger logic


Database Objects
• CREATE TABLE TEST_TABLE_base
    (id           integer       null,
     col_integer  varbinary(20) null,   -- was integer
     col_numeric  varbinary(20) null,   -- was numeric(10,2)
     col_char     char(80)      null,   -- was char(40)
     col_varchar  varchar(80)   null,   -- was varchar(40)
     col_datetime datetime      null,
     dbe_row_id   integer       identity(1,1))
• CREATE VIEW TEST_TABLE WITH VIEW_METADATA AS
    SELECT id, col_integer, col_numeric, col_char, col_varchar, col_datetime
    FROM TEST_TABLE_dbe


Database Objects (cont.)
• CREATE VIEW TEST_TABLE_dbe WITH VIEW_METADATA AS
    SELECT id,
      master.dbo.dbe_view_decrypt_int(col_integer, '2', 'AES', 'CTS') as 'col_integer',
      cast(master.dbo.dbe_view_decrypt_num(col_numeric, '3', 'AES', 'CTS') as numeric(10,2)) as 'col_numeric',
      convert(char(40), master.dbo.dbe_decrypt_stringc(col_char, '4', 'AES', 'CTS')) as 'col_char',
      master.dbo.dbe_decrypt_string(col_varchar, '5', 'AES', 'CTS') as 'col_varchar',
      col_datetime,
      dbe_row_id,
      col_integer as col_integer_encrypted,
      col_numeric as col_numeric_encrypted,
      col_char    as col_char_encrypted,
      col_varchar as col_varchar_encrypted
    FROM TEST_TABLE_base


Database Objects (cont.)
• create trigger TEST_TABLE_dbe_ins_trg on TEST_TABLE instead of insert
    …
    insert into TEST_TABLE_base (id, col_integer, col_numeric, col_char, col_varchar, col_datetime)
    values (@update_id,
      master.dbo.dbe_trg_encrypt_varbinary(cast(@update_col_integer as varbinary(4000)), '2', 'AES', 'CTS'),
      master.dbo.dbe_trg_encrypt_varbinary(cast(@update_col_numeric as varbinary(4000)), '3', 'AES', 'CTS'),
      master.dbo.dbe_trg_encrypt_char(@update_col_char, '4', 'AES', 'CTS'),
      master.dbo.dbe_trg_encrypt_varchar(@update_col_varchar, '5', 'AES', 'CTS'),
      @update_col_datetime)
    …
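The renamed base table, decrypting view and INSTEAD OF INSERT trigger from the Encryption Setup and Database Objects slides, re-created as an added example (not DBEncrypt's or the presenter's code) in Python on sqlite3, which also supports views and INSTEAD OF triggers. The cipher is an HMAC-SHA256 counter-mode stand-in for the product's AES, the keys and the decrypt-call counter are constructed for the demo, and the key ids '2' and '3' are the ones the slides pass per column.

```python
import hashlib
import hmac
import os
import sqlite3

# Constructed demo keys, indexed by the key id the view passes in per column.
# A real deployment would fetch these from a key store, never hold them in code.
KEYS = {"2": b"\x11" * 32, "3": b"\x22" * 32}
STATS = {"decrypt_calls": 0}   # counts decrypt invocations to expose per-row cost


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # Counter-mode keystream from HMAC-SHA256: a stand-in for the product's AES.
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]


def dbe_encrypt(value, key_id):
    """Encrypt the textual form of a value; output = 16-byte nonce || ciphertext."""
    if value is None:
        return None
    pt = str(value).encode()
    nonce = os.urandom(16)            # fresh nonce: equal plaintexts differ in storage
    ks = _keystream(KEYS[key_id], nonce, len(pt))
    return nonce + bytes(a ^ b for a, b in zip(pt, ks))


def dbe_decrypt(blob, key_id):
    """Inverse of dbe_encrypt; returns the plaintext as text (the view casts it)."""
    STATS["decrypt_calls"] += 1
    if blob is None:
        return None
    nonce, ct = bytes(blob[:16]), bytes(blob[16:])
    ks = _keystream(KEYS[key_id], nonce, len(ct))
    return bytes(a ^ b for a, b in zip(ct, ks)).decode()


def build_schema(conn: sqlite3.Connection) -> None:
    conn.create_function("dbe_encrypt", 2, dbe_encrypt)
    conn.create_function("dbe_decrypt", 2, dbe_decrypt)
    conn.executescript("""
        -- renamed base table; encrypted columns widened to hold ciphertext
        CREATE TABLE TEST_TABLE_base (
            id          INTEGER NULL,
            col_integer BLOB    NULL,
            col_numeric BLOB    NULL,
            col_char    TEXT    NULL,
            dbe_row_id  INTEGER PRIMARY KEY AUTOINCREMENT);
        -- view that performs the decrypt calls
        CREATE VIEW TEST_TABLE_dbe AS
            SELECT id,
                   CAST(dbe_decrypt(col_integer, '2') AS INTEGER) AS col_integer,
                   CAST(dbe_decrypt(col_numeric, '3') AS REAL)    AS col_numeric,
                   col_char, dbe_row_id
            FROM TEST_TABLE_base;
        -- view carrying the original table name, so existing SQL keeps working
        CREATE VIEW TEST_TABLE AS
            SELECT id, col_integer, col_numeric, col_char FROM TEST_TABLE_dbe;
        -- INSTEAD OF trigger that encrypts on the way in
        CREATE TRIGGER TEST_TABLE_dbe_ins_trg INSTEAD OF INSERT ON TEST_TABLE
        BEGIN
            INSERT INTO TEST_TABLE_base (id, col_integer, col_numeric, col_char)
            VALUES (NEW.id, dbe_encrypt(NEW.col_integer, '2'),
                    dbe_encrypt(NEW.col_numeric, '3'), NEW.col_char);
        END;
    """)


def demo(n_rows: int = 200) -> dict:
    conn = sqlite3.connect(":memory:")
    build_schema(conn)
    conn.executemany("INSERT INTO TEST_TABLE VALUES (?, ?, ?, ?)",
                     [(i, 42, 12.5, "row%d" % i) for i in range(n_rows)])
    via_view = conn.execute(
        "SELECT col_integer, col_numeric FROM TEST_TABLE WHERE id = 7").fetchone()
    raw = conn.execute(
        "SELECT col_integer FROM TEST_TABLE_base WHERE id IN (7, 8) ORDER BY id").fetchall()
    # Predicate on an encrypted column: the DBMS cannot index ciphertext, so the
    # view must decrypt every row before it can compare.
    STATS["decrypt_calls"] = 0
    hits = conn.execute(
        "SELECT COUNT(*) FROM TEST_TABLE WHERE col_integer = 42").fetchone()[0]
    return {
        "plaintext_via_view": via_view,
        "stored_as_blob": all(isinstance(r[0], bytes) for r in raw),
        "equal_plaintexts_differ": raw[0][0] != raw[1][0],
        "rows_matched": hits,
        "decrypts_for_predicate": STATS["decrypt_calls"],
    }
```

The decrypt counter is the point to take away: any WHERE clause on an encrypted column decrypts every row before comparing, which is why such columns cannot be indexed and why the UPDATE and SELECT timings on the Performance Results slide grow so steeply with row count. Anyone granted SELECT on the view receives plaintext, so the view's permissions, not only the key, are what segregation of duties has to control.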


Performance Test Logic
• SQL script created to exercise DML operations: INSERT, UPDATE, SELECT, DELETE
• SQL script executed a total of 15 times
  – 5 Test Sets
  – Test set for each number of encrypted columns:
    • 0, 1, 2, 3, 4
  – Test set run values:
    • 1000 rows, 10,000 rows, and 100,000 rows


Performance Results

DBEncrypt Total Time (Seconds) of DML Operations with Encrypted Columns

ENCRYPTED |             1,000 ROWS             |             10,000 ROWS            |             100,000 ROWS
COLUMNS   | INSERTS  UPDATES  SELECTS  DELETES | INSERTS  UPDATES  SELECTS  DELETES | INSERTS   UPDATES   SELECTS  DELETES
0         | 6.766    .016     .000     .016    | 64.623   .140     .030     .110    | 642.430   6.156     .563     5.513
1         | 6.936    2.283    .546     .030    | 65.093   36.016   5.326    .140    | 646.930   1637.116  55.390   3.296
2         | 7.153    4.033    1.076    .033    | 73.983   53.533   10.750   .156    | 745.506   1806.303  107.610  1.810
3         | 10.063   6.343    1.766    .046    | 94.173   98.106   17.420   .280    | 923.443   2511.420  177.233  7.076
4         | 13.200   7.656    2.360    .030    | 126.716  93.653   22.483   .203    | 1267.640  2878.353  227.263  4.250

DBEncrypt CPU Utilization (Average Percentage) of DML Operations with Encrypted Columns

ENCRYPTED |             1,000 ROWS             |             10,000 ROWS            |             100,000 ROWS
COLUMNS   | INSERTS  UPDATES  SELECTS  DELETES | INSERTS  UPDATES  SELECTS  DELETES | INSERTS   UPDATES   SELECTS  DELETES
0         | 1.329    0.000    0.000    0.000   | 1.810    2.342    0.000    0.000   | 1.941     7.635     15.384   4.218
1         | 19.084   38.280   49.218   0.000   | 16.194   50.411   50.918   0.000   | 16.464    50.555    49.121   12.467
2         | 23.412   47.076   48.461   0.000   | 22.930   49.592   49.786   0.000   | 22.866    50.478    49.963   24.999
3         | 24.641   46.800   48.827   0.000   | 27.355   49.994   49.495   0.000   | 27.554    50.381    49.595   5.468
4         | 22.179   52.245   55.078   0.000   | 24.136   50.132   49.181   0.000   | 24.463    50.516    49.651   11.522


Execution Duration

[Charts: DBEncrypt Insert, Update and Select Performance for Encrypted Columns; x-axis Encrypted Columns (0 to 4), y-axis Seconds; one series each for 1,000 rows, 10,000 rows and 100,000 rows. The plotted values are the Total Time figures in the Performance Results table.]


CPU Utilization

[Charts: DBEncrypt Insert, Update and Select Performance for Encrypted Columns; x-axis Encrypted Columns (0 to 4), y-axis CPU Utilization (0 to 100 percent); one series each for 1,000 rows, 10,000 rows and 100,000 rows. The plotted values are the CPU Utilization figures in the Performance Results table.]


DBEncrypt (2.1) Limitations
• Columns cannot be involved in a primary key/foreign key relationship
• Column must have a data type of varchar, char, int, smallint, tinyint, decimal, numeric, money, smallmoney, nvarchar, nchar
• Column data size for varchar and char data types must not exceed 4000
• Column data size for nvarchar and nchar data types must not exceed 1000
• Column cannot already be encrypted through DBEncrypt
• Column cannot be indexed
• Column cannot have a rule set on it
• Column cannot be computed
• Table must not have any columns with a default value
• Table must not have a trigger
• Table must not have a full text index
• Bulk Inserts not permitted
• Truncate Table not permitted


Database Design Considerations
• Design is significant part of effort!!!
  – Easy to miss critical components
  – Reactively addressing issues will lead to failure
• Design Areas
  – Table Keys
  – Stored Procedures and Functions
  – SQL Logic
  – SQL Operations
  – Datatypes
  – Key Storage


Conclusion
• Q&A
• Michael McGrattan
  – Director of Data Management
  – Blue Oasis Technologies
  – [email protected]
  – 858 335 1659