Software Testing Strategy

The business database environment would not be completely secure without database encryption technology. The term database encryption refers to the practice of obscuring the meaning of a piece of data by means of encoding before storing it in tables. Essentially, this involves protecting the files that are written to the column of a table by encrypting date, number and character data at the column, table, or schema level. Database table encryption can provide strong security for data at rest, but developing a database encryption strategy must take many factors into consideration, including stored procedure encryption, to reach a balance between usability and performance.

Implementing database encryption traditionally requires change of schema, increased complexity to maintenance and sometimes a significant degradation in system performance. For this reason the implementation requires a carefully thought out framework and approach to strike a fine balance between security and system performance. Managing security with database encryption can become more challenging if the office has multiple employees, which know or share the user information. Adequate safeguards need to be considered to ensure the consistency and safety of the data and disk space can be an issue with database encryption because encrypted fields are larger than unencrypted fields.

Some software tools and third party applications allow you to choose the level of database encryption and have the added ability to provide you with the option to run management reports to trace audited activity against your encrypted table data. By assigning users roles to system users, advanced software controls can block out end users from viewing or modifying data. This allows administrators or personnel responsible for system security and maintenance to maintain a high level of system integrity.

An example of the different levels of database encryption can be witnessed from the standards employed by the Oracle Database encryption wizard. This database encryption tool allows you to choose from five performance options: obfuscation, DES encryption, triple DES encryption, AES 128 bit encryption, and AES 256 bit encryption. Each level offers a more advanced level of encryption but is subject the end user meeting the system requirements. Obfuscation is a process of obscuring and rendering your data as useless. It is not fool proof but requires sophisticated and time intensive tools to break. The DES encryption standard is an Oracle certified encryption standard that uses a 64 Bit key to protect the data. A triple DES encryption protocol is an extension of the DES standard and uses three 64 bit keys to provide ensure an almost infinite number of combinations to protect the data. The AES 128 bit encryption is even more secure than its DES counterpart and offer a 20 percent increase in system performance on small and medium sized tables. AES 256 bit encryption uses large 32 byte encryption keys and is only available to Oracle 10g users.

Contact Us | Privacy Policy |