|
 |
|
 |
 |
Cryptography in the Database: The Last Line of Defense (Symantec Press)
|
by Kevin Kenan
Sales Rank: 612774
|
Discount: 32 %
$4.00
At Amazon
|
|
Paperback: 312 pages
Publisher: Addison-Wesley Professional October 29, 2005
Language: English
ISBN-10: 0321320735
ISBN-13: 978-0321320735
Product Dimensions:
9.1 x 7 x 0.9 inches
Shipping Weight: 1.3 pounds
Back Cover Copy
Protect Your Enterprise Data with Rock-Solid Database Encryption
If hackers compromise your critical information, the results can be catastrophic. You're under unprecedented pressurefrom your customers, your partners, your stockholders, and now, the governmentto keep your data secure. But what if hackers evade your sophisticated security mechanisms? When all else fails, you have one last powerful line of defense: database cryptography. In this book, a leading crypto expert at Symantec demonstrates exactly how to use encryption with your own enterprise databases and applications.
Kevin Kenan presents a start-to-finish blueprint and execution plan for designing and buildingor selecting and integratinga complete database cryptosystem. Kenan systematically shows how to eliminate weaknesses, overcome pitfalls, and defend against attacks that can compromise data even if it's been protected by strong encryption.
This book's 3,000 lines of downloadable code examples let you explore every component of a live database cryptosystem, including key vaults and managers, manifests, engines, and providers.
This book's coverage includes
Understanding your legal obligations to protect data
Constructing a realistic database security threat model and ensuring that you address critical threats
Designing robust database cryptographic infrastructure around today's most effective security patterns
Hardening your database security requirements
Classifying the sensitivity of your data
Writing database applications that interact securely with your cryptosystem
Avoiding the common vulnerabilities that compromise database applications
Managing cryptographic projects in your enterprise database environment
Testing, deploying, defending, and decommissioning secure database applications
Cryptography in the Database is an indispensable resource for every professional who must protect enterprise data: database architects, administrators, and developers; system and security analysts; and many others.
© Copyright Pearson Education. All rights reserved.
About The Author
Kevin Kenan leads Symantec's IT application and database security program. In this position, he works with application development teams to ensure that the applications and databases Symantec deploys internally are secure. This work includes specifying cryptographic solutions to protect sensitive information wherever it is stored. Prior to his work in Symantec's information security department, Kevin designed and developed applications for Symantec's information technology and product development teams often with an emphasis on security and cryptography. He previously provided enterprise support for Symantec's development tools, and he holds a Bachelor of Science in Mathematics from the University of Oregon.
Customer Reviews & Comments
Iorn mountain, UPS both had very drastic failures this year, backup tapes with thousands of customer records were lost. Everybody in the industry is scrambling to figure out how to encrypt the backup tapes. Most of us feel the option of simply making a backup of already encrypted data is a better choice than piping the backup through an encryption process. This book arrives in our hour of need and it has the feel of a been there, done that author. The code examples are MySQL and Java 1.4.2 and really helped me understand just what needs to happen. The majority of the book is platform agnostic, so if you run a different platform it will still be valuable. The book is well written, well edited, well laid out, what you expect to see from Addison-Wesley and Symantec Press. The only thing that drove me crazy about the book is on page 163, the author recommends HSMs ( Hardware Security Model) for storing the keys to the kingdom, yup, yup, I agree, we all agree. And then he goes on to say, Java 1.4.2 does not support this -- ouch! However, his code examples are a nice work around using AES on the local engine which is good'nuff. Got sensitive data? Then get this book!
Comment | Permalink |
(Report this)
|
Cryptography in the Database: The Last Line of Defense (Symantec Press)
Discount: 32 %
Available from Amazon
Price: $4.00
| |
|
|
|
|
