Implementing data security inside a database tends to make life more difficult
for users, requiring them to do such things as remembering and specifying
encryption keys or passphrases. This presentation will look into the
mechanisms employed by Sybase ASE 15.0 to achieve high levels of data
protecting inside the database without placing any such additional burden on
end-users or application developers. As a relational DBMS, Sybase Adaptive
Server Enterprise (ASE) is used in mission-critical systems in many areas where
data security is of utmost importance. Sybase ASE 15.0 supports transparent
encryption of individual database columns with a unique set of properties not
available by other database vendors:
-
schema-level encryption, thus making encryption fully transparent to
applications
-
access to encrypted data is governed by granting 'decrypt' permission
-
'decrypt default' to make data-level encryption invisible to users without
decrypt permission
-
no performance loss; searches and joins are performed on ciphertext
-
protect data from the all-powerful DBA, without the need for authorised
users to know any encryption passwords or -keys
-
protecting database backups without the need to encrypt the full backup file
-
industry-strength encryption: 256-bit AES thout the need to encrypt the full
backup file
|
 Rob Verschoor is Senior Technology Evangelist bij Sybase Engineering. Hij
heeft sinds 1989 gewerkt met Sybase Adapative Server Enterprise (voorheen
Sybase SQL Server) en houdt zich nu o.a. bezig met database architectuur en
enterprise-level data-infrastructuur. In deze sessie zal worden ingegaan op
data security features van Sybase ASE.
|
