Database Encryption
- structured database stores data in tables
- table data is stored as files on a volume
- access is mediated through a database management system (DBMS) running a database language such as SQL
- database is hosted on a server and accessed by client applications
- underlying files could be protected by a disk or volume encryption product running on the server
- has an adverse impact on performance
- so commonly implemented by the DBMS or by a plug-in
- encryption can be applied at different levels
- options depend on DBMS
- the following are based on Microsoft SQL Server DBMS
Database-Level Encryption
- aka page-level encryption
- occurs when any data is transferred between the disk and memory
- referred to as transparent data encryption (TDE) in SQL server
- page is the means by which the database engine returns data request by a query from the underlying storage files
- this encryption means all records are encrypted while they are stored on disk
- protects against theft of underlying media
- encrypts logs generated by database
Record-level Encryption
- many databases contain secrets that should not be known by the db admin
- public key encryption solves this
- by storing the private key used to unlock the value of a cell outside the database
- cell/column encryption is applied to one or more fields within a table
- less of a performance impact than database-level encryption
- can complicate client access to data
- works in many ways
- with SQL Server’s Always Encrypted feature
- data remains encrypted when loaded into memory
- only decrypted when client app supplies the key
- plaintext key not available to DBMS
- admin cannot decrypt the key
- allows for separation of duties between db admin and data owner
- some solutions support record-level encryption
- e.g., healthcare data
- each customer data is record-level
- encrypted with its own key
- allows for compliance requirements