Securing Enterprise Databases - Protecting Against External and Internal Threats
Mattsson, Ulf T., "Securing Enterprise Databases - Protecting Against External and Internal Threats" (February 8, 2005). Available at SSRN:
There are three commonly accepted baseline implementation and function requirements for a successful data encryption solution. However, each system layer approach delivers an encrypted solution in a different manner and address a multitude of different requirements. These requirements are broken out between critical requirements, "must-haves" for a solution to effectively secure the data, and practical requirements, factors that make it feasible for an enterprise to deploy a solution. Application-layer encryption requires rewrite of existing applications which is impractical due to limited IT resources, lack of access to source code, or a lack familiarity with old code. Rewriting applications is also very costly, risky and introduces an implementation time delay factor. Lastly, all applications that access the encrypted data must also be changed to support the encryption/decryption model. Storage-layer encryption alone can only protect against a narrow range of threats, namely media theft and storage system attacks. Database-layer encryption protects the data within the DBMS and also protects against a wide range of threats, including storage media theft, well known storage attacks, database-layer attacks, and malicious DBAs. Deployment at the column level within a database table, coupled with access controls will prevent theft of critical data. Column-level database encryption is clearly the most versatile solution that is capable of protecting against external and internal threats while at the same time meeting all regulatory requirements. A protective layer of encryption is provided around specific sensitive data items or objects, instead of building walls around servers or hard drives. This prevents outside attacks as well as infiltration from within the server itself. This also allows the security administrator to define which data are sensitive and thereby focus protection on the sensitive data, which in turn minimizes the delays or burdens on the system that may occur from bulk encryption methods.Go to article
Click here to see more on this topic.
Previous visitors have searched for information on access denied lotus notes user, lotus notes client download and access domino lotus web. We do collect this information to update our site to your needs.
Lotus Notes is used by more than 100.000 people world wide. Other e-mail clients are: Mozilla Mail & Newsgroups , Horde IMP and Novell Evolution and other personal information manager software are: Hula , BlinkList and Lotus Organizer (Windows) .