Cryptography In The Database.
Kenan, Kevin.
Cryptography In The Database. - 1 online resource (305 pages)
COVER -- CONTENTS -- ACKNOWLEDGMENTS -- ABOUT THE AUTHOR -- PREFACE -- PART I: Database Security -- 1 THE CASE FOR DATABASE SECURITY -- 1.1 Attacks Against Databases -- 1.2 External Requirements to Secure Databases -- 1.3 Summary -- 2 SECURING DATABASES WITH CRYPTOGRAPHY -- 2.1 A Brief Database Refresher -- 2.2 What Is Cryptography? -- 2.3 Applying Cryptography -- 2.4 Cryptographic Risks -- 2.5 Cryptographic Attacks -- 2.6 Obfuscation -- 2.7 Transparent Encryption -- 2.8 Summary -- PART II: A Cryptographic Infrastructure -- 3 AN OVERVIEW OF CRYPTOGRAPHIC INFRASTRUCTURE -- 3.1 Application Architecture -- 3.2 Cryptographic Architecture -- 3.3 Cryptographic Keys -- 3.4 Summary -- 4 CRYPTOGRAPHIC ENGINES AND ALGORITHMS -- 4.1 Local Engines -- 4.2 Dedicated Engines -- 4.3 Cryptographic Algorithms -- 4.4 Summary -- 5 KEYS: VAULTS, MANIFESTS, AND MANAGERS -- 5.1 Key Vaults -- 5.2 Key Manifests -- 5.3 Key Managers -- 5.4 Summary -- 6 CRYPTOGRAPHIC PROVIDERS AND CONSUMERS -- 6.1 The Provider -- 6.2 The Consumer -- 6.3 Summary -- PART III: The Cryptographic Project -- 7 MANAGING THE CRYPTOGRAPHIC PROJECT -- 7.1 A Security Culture -- 7.2 Engaging the Customer -- 7.3 Project Scope -- 7.4 Project Roles -- 7.5 Summary -- 8 REQUIREMENTS HARDENING -- 8.1 Security Requirements, Policies, and Standards -- 8.2 Common Requirements -- 8.3 Requirements Review -- 8.4 Specifying the Cryptographic Standard -- 8.5 Data Classification -- 8.6 Summary -- 9 DESIGN HARDENING -- 9.1 Data Flow Diagrams -- 9.2 Design Guidelines -- 9.3 Threat Modeling -- 9.4 Security Patterns -- 9.5 Designing the Cryptosystem -- 9.6 Summary -- 10 SECURE DEVELOPMENT -- 10.1 Guidelines for Secure Development -- 10.2 Summary -- 11 TESTING -- 11.1 Functional Security Testing -- 11.2 Penetration Testing -- 11.3 Summary -- 12 DEPLOYMENT, DEFENSE, AND DECOMMISSIONING -- 12.1 Deployment -- 12.2 Defense. 12.3 Decommissioning -- 12.4 Summary -- PART IV: Example Code -- 13 ABOUT THE EXAMPLES -- 13.1 Utilities and Common Services -- 13.2 The Example Engine and Key Vault -- 13.3 Summary -- 14 A KEY VAULT -- 14.1 The Local Key -- 14.2 Local Key Store -- 14.3 Accessing a Local Key -- 14.4 Summary -- 15 THE MANIFEST -- 15.1 The Key Alias -- 15.2 Summary -- 16 THE KEY MANAGER -- 16.1 KeyTool -- 16.2 Summary -- 17 THE ENGINE -- 17.1 The Local Engine -- 17.2 Summary -- 18 RECEIPTS AND THE PROVIDER -- 18.1 Encryption Requests and Decryption Results -- 18.2 Receipts -- 18.3 The Provider -- 18.4 Summary -- 19 THE CONSUMER -- 19.1 Customer Information -- 19.2 Credit Card Information -- 19.3 The Customer Manager -- 19.4 Summary -- 20 EXCEPTIONS -- 20.1 Alias Exception -- 20.2 Invalid Key State Exception -- 20.3 Key Not Found Exception -- 20.4 Live Key Not Found Exception -- 20.5 Multiple Alias ID Exception -- 20.6 Customer Not Found Exception -- 20.7 Summary -- 21 THE SYSTEM AT WORK -- 21.1 Setting Up Keys -- 21.2 Working with Customer Information -- 21.3 Replacing a Key -- 21.4 Replacing the Key-Encrypting Key -- 21.5 Summary -- BIBLIOGRAPHY -- GLOSSARY -- INDEX -- A -- B -- C -- D -- E -- F -- G -- H -- I -- J -- K -- L -- M -- N -- O -- P -- Q -- R -- S -- T -- U -- V -- W -- Z.
9788131741382
Electronic books.
005.82
Cryptography In The Database. - 1 online resource (305 pages)
COVER -- CONTENTS -- ACKNOWLEDGMENTS -- ABOUT THE AUTHOR -- PREFACE -- PART I: Database Security -- 1 THE CASE FOR DATABASE SECURITY -- 1.1 Attacks Against Databases -- 1.2 External Requirements to Secure Databases -- 1.3 Summary -- 2 SECURING DATABASES WITH CRYPTOGRAPHY -- 2.1 A Brief Database Refresher -- 2.2 What Is Cryptography? -- 2.3 Applying Cryptography -- 2.4 Cryptographic Risks -- 2.5 Cryptographic Attacks -- 2.6 Obfuscation -- 2.7 Transparent Encryption -- 2.8 Summary -- PART II: A Cryptographic Infrastructure -- 3 AN OVERVIEW OF CRYPTOGRAPHIC INFRASTRUCTURE -- 3.1 Application Architecture -- 3.2 Cryptographic Architecture -- 3.3 Cryptographic Keys -- 3.4 Summary -- 4 CRYPTOGRAPHIC ENGINES AND ALGORITHMS -- 4.1 Local Engines -- 4.2 Dedicated Engines -- 4.3 Cryptographic Algorithms -- 4.4 Summary -- 5 KEYS: VAULTS, MANIFESTS, AND MANAGERS -- 5.1 Key Vaults -- 5.2 Key Manifests -- 5.3 Key Managers -- 5.4 Summary -- 6 CRYPTOGRAPHIC PROVIDERS AND CONSUMERS -- 6.1 The Provider -- 6.2 The Consumer -- 6.3 Summary -- PART III: The Cryptographic Project -- 7 MANAGING THE CRYPTOGRAPHIC PROJECT -- 7.1 A Security Culture -- 7.2 Engaging the Customer -- 7.3 Project Scope -- 7.4 Project Roles -- 7.5 Summary -- 8 REQUIREMENTS HARDENING -- 8.1 Security Requirements, Policies, and Standards -- 8.2 Common Requirements -- 8.3 Requirements Review -- 8.4 Specifying the Cryptographic Standard -- 8.5 Data Classification -- 8.6 Summary -- 9 DESIGN HARDENING -- 9.1 Data Flow Diagrams -- 9.2 Design Guidelines -- 9.3 Threat Modeling -- 9.4 Security Patterns -- 9.5 Designing the Cryptosystem -- 9.6 Summary -- 10 SECURE DEVELOPMENT -- 10.1 Guidelines for Secure Development -- 10.2 Summary -- 11 TESTING -- 11.1 Functional Security Testing -- 11.2 Penetration Testing -- 11.3 Summary -- 12 DEPLOYMENT, DEFENSE, AND DECOMMISSIONING -- 12.1 Deployment -- 12.2 Defense. 12.3 Decommissioning -- 12.4 Summary -- PART IV: Example Code -- 13 ABOUT THE EXAMPLES -- 13.1 Utilities and Common Services -- 13.2 The Example Engine and Key Vault -- 13.3 Summary -- 14 A KEY VAULT -- 14.1 The Local Key -- 14.2 Local Key Store -- 14.3 Accessing a Local Key -- 14.4 Summary -- 15 THE MANIFEST -- 15.1 The Key Alias -- 15.2 Summary -- 16 THE KEY MANAGER -- 16.1 KeyTool -- 16.2 Summary -- 17 THE ENGINE -- 17.1 The Local Engine -- 17.2 Summary -- 18 RECEIPTS AND THE PROVIDER -- 18.1 Encryption Requests and Decryption Results -- 18.2 Receipts -- 18.3 The Provider -- 18.4 Summary -- 19 THE CONSUMER -- 19.1 Customer Information -- 19.2 Credit Card Information -- 19.3 The Customer Manager -- 19.4 Summary -- 20 EXCEPTIONS -- 20.1 Alias Exception -- 20.2 Invalid Key State Exception -- 20.3 Key Not Found Exception -- 20.4 Live Key Not Found Exception -- 20.5 Multiple Alias ID Exception -- 20.6 Customer Not Found Exception -- 20.7 Summary -- 21 THE SYSTEM AT WORK -- 21.1 Setting Up Keys -- 21.2 Working with Customer Information -- 21.3 Replacing a Key -- 21.4 Replacing the Key-Encrypting Key -- 21.5 Summary -- BIBLIOGRAPHY -- GLOSSARY -- INDEX -- A -- B -- C -- D -- E -- F -- G -- H -- I -- J -- K -- L -- M -- N -- O -- P -- Q -- R -- S -- T -- U -- V -- W -- Z.
9788131741382
Electronic books.
005.82