Cryptography in the Database Sample Code

Cryptography in the Database is a book about protecting your sensitive data where it is most vulnerable: sitting at rest in the database. Several goodies from the book are available for your perusal:

From the back of the book:


Protect Your Enterprise Data with Rock-Solid Database Encryption

If hackers compromise your critical information, the results can be catastrophic. You're under unprecedented pressure—from your customers, your partners, your stockholders, and now, the government—to keep your data secure. But what if hackers evade your sophisticated security mechanisms? When all else fails, you have one last powerful line of defense: database cryptography. In this book, a leading crypto expert at Symantec demonstrates exactly how to use encryption with your own enterprise databases and applications.

Kevin Kenan presents a start-to-finish blueprint and execution plan for designing and building—or selecting and integrating—a complete database cryptosystem. Kenan systematically shows how to eliminate weaknesses, overcome pitfalls, and defend against attacks that can compromise data even if it's been protected by strong encryption.

This book's 3,000 lines of downloadable code examples let you explore every component of a live database cryptosystem, including key vaults and managers, manifests, engines, and providers.

This book's coverage includes

  • Understanding your legal obligations to protect data

  • Constructing a realistic database security threat model and ensuring that you address critical threats

  • Designing robust database cryptographic infrastructure around today's most effective security patterns

  • Hardening your database security requirements

  • Classifying the sensitivity of your data

  • Writing database applications that interact securely with your cryptosystem

  • Avoiding the common vulnerabilities that compromise database applications

  • Managing cryptographic projects in your enterprise database environment

  • Testing, deploying, defending, and decommissioning secure database applications

Cryptography in the Database is an indispensable resource for every professional who must protect enterprise data: database architects, administrators, and developers; system and security analysts; and many others.

You can find Cryptography in the Database at Amazon or at your local book store.

Comments

I like the book very much!
The book tells me what cryptography is, and how to use encryption with our own enterprise databases and applications.
This semester the theme of my paper is encrypting databases; the book gives me great help. I greatly appreciate Mr. Kevin Kenan and his book.

Hi Kevin,

I'm currently two thirds of the way through your book and finding it very insightful.

For smaller projects that are forced to use local key stores as opposed to an HSM, do you know of any language-neutral solutions that exist (e.g. third-party programs that can be interfaced from one's programming language of choice)?

In many cases it seems better to use a well-established program that has been hardened by multiple users (within the inherent limits of a local store) rather than attempting to roll your own solution, especially for smaller projects.

Regards,

Patrick Donelan

Hi Patrick,

I don't know of any software-based, language-neutral key management solutions, but I agree with you that using a tried and tested one is better than rolling a custom solution. I'm just starting work on an open source database encryption system that I think would meet your needs. I'll follow up with you via email.

Thanks,
-kk


Great book! I've devoured it. Only one question / comment: Java not being my favorite language... has there been progress by anyone you know of to port to other languages? Or should I get started?

Thanks,
--Craig


About

  • A blog by Kevin Kenan about technology, security, and the ancient craft of programming.

    You might also be interested in checking out TeXTARIUM, where I chat about fiction, music, and the pursuit of the perfect shot of espresso.

My Book

  • Cryptography in the Database: The Last Line of Defense

    My book on using cryptography to protect information stored in a database. Published by Addison-Wesley and Symantec Press. Read more at the book's site. The source code is available for download.

Dedication

  • My grandfather had a wonderful shop in his basement. To me, it was a place of mystery and fascination, and I would spend hours wandering through it, looking at all the tools and projects in various states of completion. Not being much of a wood worker, I've never had the need for such a shop (not to mention that I lack a basement), but recently it occurs to me that my gear, computers, and software are my shop. This site is for my late grandfather and everyone else who takes personal pride in carefully executed work.