问题描述
当你需要存储(如CCS)或核潜艇的敏感数据,你:
When you need to store sensitive data such as CCs or SSNs, do you:
1)建立自己的加密程序,在配置文件中某处定义密钥,然后手动加密/解密的数据要到数据库中。
1) Build your own encryption routine within the application, define a secret key somewhere in a config file, and then manually encrypt/decrypt data going to the database.
2)推动所有的问题到数据库中,使用内置的数据库功能(我想大多数厂商称之为透明数据库加密)。
2) Push all the problem to the database, using the built in DB capabilities (I think most vendors call it Transparent Database Encryption).
你找到适合您的解决方案是什么取舍?难道写相比,TDE当你自己的日常表现不佳?为code可维护性,或者反过来DB厂商锁定问题?
What trade-offs have you find for your solution? Does writing your own routine perform poorly when compared to TDE? Is code maintainability, or conversely DB vendor lock-in an issue?
推荐答案
我已经使用了多种加密技术,我相信这是双方更方便,更安全的使用经过验证的加密程序在应用程序端加密(即。 NET库)。
I've used a variety of encryption techniques and I believe it is both easier and more secure to encrypt on the application side using a proven encryption routine (i.e. .NET libraries).
如果您加密数据库上,这意味着该数据被发送到和从在未加密的形式的数据库。这潜在地允许对窥探/应用程序和数据库的加密例程之间篡改。即使你存储在应用端的关键,它仍然需要在数据库端进行加密。如果数据库被泄露,你的数据是在严重的危险(试想一下,有人探查运行应用程序运行时)。
If you encrypt on the database, that means the data is sent to and from the database in unencrypted form. This potentially allows for snooping/tampering between the application and the encryption routines on the database. Even if you store the key on the application side, it is still required on the database side to perform encryption. If the database is compromised, your data is at serious risk (just imagine someone running profiler while your application runs).
如果您加密/在应用程序进行解密,敏感数据(包括键)被从未显示的应用程序服务器的外部。有人将不得不妥协的Web服务器和数据库服务器既可以访问所有的数据。
If you encrypt/decrypt in the application, sensitive data (including the key) is never revealed outside of the application server. Someone would have to compromise both the Web server and database server to access all of your data.
另外,我会强烈建议你不要推出自己的加密程序。有可能到头来你会犯了一个错误,这将减少您的解决方案的整体安全性。
Also, I would highly recommend you not roll your own encryption routine. Chances are you will make a mistake that will reduce the overall security of your solution.
编辑:
也想补充一点,会影响你的决定的另一因素。你需要查询关闭该加密的数据?如果您加密在应用层面上,你需要把数据给应用程序,解密,并从那里工作。这会让人望而却步随着数据集变得更大 - 而使用数据库加密发送之前返回给应用程序可以过滤数据
Also wanted to add another factor that will influence your decision. Do you need to query off of that encrypted data? If you encrypt at the application level, you will need to bring the data to the application, decrypt, and work from there. This becomes prohibitive as the data set grows larger - whereas with database encryption you can filter the data before it is sent back to the application.
这篇关于数据库加密或应用级加密?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!