Wednesday, February 13, 2008

Data Security and Related Technologies

This post is my review of the technology available in the area of "Data Security". Security is used here in the context of access control and threat protection.

Information technology is about making the right data available to the right user; security means that the data should not be available to the wrong user. This is especially true for sensitive and personal data stored on IT assets.

The focus is on Oracle Technologies.

Virtual Private Database & Oracle Label security
Used to restrict regional/role-based access to data using data access policies or labels. A user with the right role in the right region can access their own data. They will not be able to see any other data that they are not authorized to see.
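
A minimal Virtual Private Database setup for the regional restriction described above, as an added example that is not from the original post. The schema APP, the table ORDERS with a REGION column, the mapping table USER_REGIONS, the context ORDERS_CTX and the package ORDERS_SEC are all assumed names.

```sql
-- Added illustration. Assumed objects: APP.ORDERS(REGION, ...),
-- APP.USER_REGIONS(USERNAME, REGION), context ORDERS_CTX, package APP.ORDERS_SEC.

CREATE OR REPLACE CONTEXT orders_ctx USING app.orders_sec;

CREATE OR REPLACE PACKAGE app.orders_sec AS
  PROCEDURE set_region;
  FUNCTION region_predicate(p_schema IN VARCHAR2, p_object IN VARCHAR2)
    RETURN VARCHAR2;
END orders_sec;
/

CREATE OR REPLACE PACKAGE BODY app.orders_sec AS
  -- Run once per session (for example from a logon trigger). The region is
  -- looked up from the session user, never taken from caller-supplied input.
  PROCEDURE set_region IS
    l_region app.user_regions.region%TYPE;
  BEGIN
    SELECT region INTO l_region FROM app.user_regions
     WHERE username = SYS_CONTEXT('USERENV', 'SESSION_USER');
    DBMS_SESSION.SET_CONTEXT('ORDERS_CTX', 'REGION', l_region);
  EXCEPTION
    WHEN NO_DATA_FOUND THEN NULL;  -- unmapped user: context stays unset
  END set_region;

  -- Policy function: the returned text is appended as a WHERE predicate.
  FUNCTION region_predicate(p_schema IN VARCHAR2, p_object IN VARCHAR2)
    RETURN VARCHAR2 IS
  BEGIN
    -- Fails closed: with no region in the context the comparison is against
    -- NULL, which is never true, so the session sees no rows.
    RETURN 'region = SYS_CONTEXT(''ORDERS_CTX'', ''REGION'')';
  END region_predicate;
END orders_sec;
/

BEGIN
  DBMS_RLS.ADD_POLICY(
    object_schema   => 'APP',
    object_name     => 'ORDERS',
    policy_name     => 'ORDERS_REGION_POLICY',
    function_schema => 'APP',
    policy_function => 'ORDERS_SEC.REGION_PREDICATE',
    statement_types => 'SELECT,INSERT,UPDATE,DELETE',
    update_check    => TRUE);  -- reject inserts/updates that leave the user's region
END;
/
```

Accounts holding the EXEMPT ACCESS POLICY privilege bypass the policy, so grants of that privilege are worth auditing alongside the policy itself.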

Transparent Data Encryption – Disk level encryption
Used for disk-level encryption of data. Data is not stored in plain text on the disk, which prevents data from being visible to low-level disk-reading attacks.

DBMS_CRYPTO – Application Encryption
Application managed encryption. Only the application knows how to use the data.

Database Vault
Role separation and insider threat protection.
Good for IT/DBA outsourcing. Protects sensitive application data from access by privileged users.

Data Masking or Scrambling
Used to support internal development/test by masking sensitive data, or to provide data to service providers for billing, telemarketing, etc. by scrambling sensitive data.