Database Vulnerability And Encryption
Presented By: Priti Talukder

Content
• Different types of threats.
• How will an organization protect sensitive data?
• What is database encryption, and how does it work?
• Is database encryption alone enough to protect data from compromise?
• Does encrypting a database impact server performance?

Threats
• External threats
  Hackers breach a software company’s website, stealing credit card information.
• Internal threats
  A disgruntled employee accesses confidential salary information and distributes it.
• Physical threats
  Thieves strike a data center.

Example Of Threats
• 55,000 credit card records stolen from the database of CreditCards.com by Mexus.
• Mirror image of Mexus’s web site.

Database encryption
• What is database encryption?
• Protects data from compromise and abuse.

How does it work?
[Diagram: Credit Card Number (011112345677999, 1234567890123456) + Encryption Key + Encryption Algorithm → Encrypted Credit Card Number (04wØ×1ve)]

Encryption Strategy
• Inside DBMS
  Advantages and disadvantages:
  – Least impact on the application.
  – Security vulnerability: the encryption key is stored in a database table.
  – Performance degradation.
  – To separate the keys from the data, additional hardware such as an HSM is required.
• Outside DBMS
  Advantages and disadvantages:
  – Removes computational overhead from the DBMS and application servers.
  – Separates the encrypted data from the encryption key.
  – Communication overhead.
  – Must administer more servers.

Is database encryption enough?
• Compromise of the web server.
• Hacking during transfer (MITM).
• Solution
  Additional security practices such as SSL and proper configuration of the firewall.

Application Sphere Structure
[Diagram labels: Telnet, Http, Front Door, Firewall, DPI, Detector, IPS, Metal, Sql in, Pick pocket, Application Sphere, Cookie poisoning, Buffer o]

Statistics
Attack                  Percent vulnerable
Cross-site scripting    80%
SQL injection           62%
Parameter tampering     60%
Cookie poisoning        37%
Database server         33%
Web Server              23%
Buffer overflow         19%

Application security - essential element
[Diagram labels: Information; Database; Business Logic; Application server; Application; Web custom; Host; OS, Network, System, Memory; TCP, UDP, Port over IP; Network]