Summary

Database encryption differs from most other uses of encryption due to the nature of databases and database applications. Understanding why you are encrypting the data is important to ensuring that you are doing it properly. There are several important issues with database encryption. Understanding how to store the data is important for recovery and for making the data accessible to different databases. The encryption and decryption process can be made relatively transparent using a combination of views and table triggers.
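One way the view-plus-table-trigger arrangement summarized above can look with DBMS_CRYPTO, as an added example rather than the book's own code. The table, view, package and column names are hypothetical, the key is assumed to be supplied by the application once per session, and the package owner is assumed to have EXECUTE on DBMS_CRYPTO.

```sql
-- Added example; all object names here are hypothetical.
CREATE TABLE customers_enc (
  cust_id NUMBER PRIMARY KEY, name VARCHAR2(100),
  card_no VARCHAR2(200)   -- hex of: 16-byte IV || AES-128-CBC ciphertext
);
CREATE OR REPLACE PACKAGE card_crypto AS
  PROCEDURE set_key(p_key IN RAW);  -- assumption: the application supplies the key per session
  FUNCTION enc(p_plain IN VARCHAR2) RETURN VARCHAR2;
  FUNCTION dec(p_stored IN VARCHAR2) RETURN VARCHAR2;
END card_crypto;
/
CREATE OR REPLACE PACKAGE BODY card_crypto AS
  c_mode CONSTANT PLS_INTEGER := DBMS_CRYPTO.ENCRYPT_AES128
                               + DBMS_CRYPTO.CHAIN_CBC + DBMS_CRYPTO.PAD_PKCS5;
  g_key RAW(16);  -- held in session memory only, never written to a table
  PROCEDURE set_key(p_key IN RAW) IS
  BEGIN
    IF p_key IS NULL OR UTL_RAW.LENGTH(p_key) != 16 THEN
      RAISE_APPLICATION_ERROR(-20001, 'AES-128 key must be 16 bytes');
    END IF;
    g_key := p_key;
  END set_key;
  FUNCTION enc(p_plain IN VARCHAR2) RETURN VARCHAR2 IS
    l_iv RAW(16) := DBMS_CRYPTO.RANDOMBYTES(16);  -- fresh IV for every value
  BEGIN
    IF p_plain IS NULL THEN RETURN NULL; END IF;
    RETURN RAWTOHEX(UTL_RAW.CONCAT(l_iv, DBMS_CRYPTO.ENCRYPT(
      UTL_I18N.STRING_TO_RAW(p_plain, 'AL32UTF8'), c_mode, g_key, l_iv)));
  END enc;
  FUNCTION dec(p_stored IN VARCHAR2) RETURN VARCHAR2 IS
    l_raw RAW(100);
  BEGIN
    IF p_stored IS NULL THEN RETURN NULL; END IF;
    l_raw := HEXTORAW(p_stored);  -- split the stored value back into IV and ciphertext
    RETURN UTL_I18N.RAW_TO_CHAR(DBMS_CRYPTO.DECRYPT(UTL_RAW.SUBSTR(l_raw, 17),
      c_mode, g_key, UTL_RAW.SUBSTR(l_raw, 1, 16)), 'AL32UTF8');
  END dec;
END card_crypto;
/
-- Table trigger: encrypt on the way in, whenever card_no is written.
CREATE OR REPLACE TRIGGER customers_enc_biu
  BEFORE INSERT OR UPDATE OF card_no ON customers_enc FOR EACH ROW
BEGIN
  :NEW.card_no := card_crypto.enc(:NEW.card_no);
END;
/
-- View: decrypt on the way out; applications read from the view, not the table.
CREATE OR REPLACE VIEW customers AS
  SELECT cust_id, name, card_crypto.dec(card_no) AS card_no FROM customers_enc;
```

The trigger encrypts whatever is written to card_no, so writes must always carry plaintext; copying an already-encrypted value through an UPDATE would encrypt it twice.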

Performance is the competing factor with encryption. This is especially true for software-based encryption. Selectively encrypting the data helps to ensure performance is maintained while still providing element-level protection for the most sensitive data. Data in its encrypted state is unusable. Careful attention has to be paid to understanding how to design the data structures to allow for successful and high-performing queries while also maintaining encryption.

Ultimately, the security of the encryption relies on how effectively the keys are managed. There are several options for key management. You saw how to securely store the keys in the database. Deriving the keys or having the application manage the keys are also very practical solutions. Combining several techniques will provide the safest key management implementation. In practically every case, wrapping the PL/SQL code provides added security that the key, algorithm, or both will not be discovered.

In many cases, the requirement for encrypting database data is to hide the data from the DBAs. This will be difficult, if not impossible, against very skilled and determined DBAs. However, it is possible to make the job extremely challenging. As pointed out in the beginning of the book, effective security is about risk management, not risk avoidance. Database encryption can be effective in providing another layer of security for the database data.



Effective Oracle Database 10g Security by Design
ISBN: 0072231300
EAN: 2147483647
Year: 2003
Pages: 111
