Cryptography in the Database is a book about protecting your sensitive data where it is most vulnerable: sitting at rest in the database. Several goodies from the book are available for your perusal:
- Chapter two on line or as a PDF
- The index (PDF)
- Source code from the book
- Addison-Wesley's page contains more information including the book's preface
From the back of the book:
Protect Your Enterprise Data with Rock-Solid Database Encryption
If hackers compromise your critical information, the results can be catastrophic. You're under unprecedented pressure—from your customers, your partners, your stockholders, and now, the government—to keep your data secure. But what if hackers evade your sophisticated security mechanisms? When all else fails, you have one last powerful line of defense: database cryptography. In this book, a leading crypto expert at Symantec demonstrates exactly how to use encryption with your own enterprise databases and applications.
Kevin Kenan presents a start-to-finish blueprint and execution plan for designing and building—or selecting and integrating—a complete database cryptosystem. Kenan systematically shows how to eliminate weaknesses, overcome pitfalls, and defend against attacks that can compromise data even if it's been protected by strong encryption.
This book's 3,000 lines of downloadable code examples let you explore every component of a live database cryptosystem, including key vaults and managers, manifests, engines, and providers.
This book's coverage includes
- Understanding your legal obligations to protect data
- Constructing a realistic database security threat model and ensuring that you address critical threats
- Designing robust database cryptographic infrastructure around today's most effective security patterns
- Hardening your database security requirements
- Classifying the sensitivity of your data
- Writing database applications that interact securely with your cryptosystem
- Avoiding the common vulnerabilities that compromise database applications
- Managing cryptographic projects in your enterprise database environment
- Testing, deploying, defending, and decommissioning secure database applications
Cryptography in the Database is an indispensable resource for every professional who must protect enterprise data: database architects, administrators, and developers; system and security analysts; and many others.
You can find Cryptography in the Database at Amazon or at your local book store.