What issues need to be paid attention to when encrypting cloud databases?

Cloud Database Encryption

The first thing to consider is whether your data needs to be encrypted at all. Every database offers access-control capabilities, and a properly configured deployment of those controls may be sufficient to protect the confidentiality of the data.

Other reasons to encrypt data stored in a database are: hiding the data from privileged users of the database (such as database administrators); complying with laws and regulations; and cases where the data owner cannot control access to the data through accounts (for example, when shared accounts are used).

When a cloud database is used, and especially with SaaS solutions built on a database, encrypting the data reduces the database's normal functionality unless the database or cloud application is given access to the key, or unless it can operate directly on the ciphertext.

Encryption adds complexity and performance cost. Besides encryption, there are other effective methods:

◆ Use object security. Use SQL GRANT and REVOKE statements to restrict which accounts can access the data. Only authorized users may access it, and access through those accounts must be tightly controlled.

◆ Store a secure hash value. Instead of storing the data itself, store a hash of it; the enterprise's application can then verify that a holder presents the correct value without the data ever being stored.

Key Management

Key management is one of the most difficult processes in public cloud computing. Because of the multi-tenant model of the public cloud, every process running there has to take key management issues into account.

A simple case is an application running in the public cloud: encrypted data is transmitted from within the enterprise to the public cloud, and the key is used only within the enterprise. Some encryption engines encrypt data as it leaves the enterprise and decrypt it as it comes back in. The picture becomes complicated when other processes in the public cloud (such as batch processing) need access to the key to decrypt the data.

Within an enterprise, users should have their own independent keys rather than a shared key available to the entire enterprise. The simplest solution is to assign (or manage) a key for each user or entity, which can be implemented with an encryption engine based on the entity's identity information. In this way, any information encrypted specifically for one entity remains under that entity's control. If entities within a group need to share data, the application that manages group access can be assigned a group-level key that is shared among the entities in the group. Keys should be managed within the enterprise, as discussed earlier in this section.

When data has been stored in a public cloud environment and that environment is later decommissioned, proving that all data (especially PII, SPI, or data subject to laws and regulations) has been deleted from the public cloud, including from other media such as duplicate disks, is problematic. Keeping key management local provides this guarantee: revoking (deleting, or even losing) the keys in the key management system ensures that any data remaining in the public cloud can no longer be decrypted.

If the cloud service provider and its customers lack an effective key management process, data encryption is of little value. On the provider side, the concerns include: servers holding encrypted data with no segregation of duties over access to the keys; database administrators having access to individual users' keys; and database service architectures that rely on a single key.

Using key-encryption keys, generating data-encryption keys in memory, and storing encryption keys only on a key server are effective architectural measures for controlling and protecting the keys themselves, and should be considered when building any solution. Client-side key management, and the protection of keys on a device that is not inherently secure (such as a mobile terminal) or not subject to the same level of control, are further factors that must be considered.

Specific suggestions in practice

In practice, enterprise applications can follow these suggestions:

◆ When using any form of encryption or decryption product, apply key management best practices;

◆ Where possible, use readily available technology from trusted sources that already embodies these best practices;

◆ Apply key management best practices, and obtain technology and products for encryption, decryption, signing and verification from trusted sources;

◆ It is particularly recommended that organizations maintain their own keys, or use a trusted cryptographic service from a provider that already operates such a service;

◆ If an organization needs to run analytics or other processing on data stored in the cloud, it should base its development on a platform such as Hadoop, exporting the data from the cloud data sources;

◆ Key jurisdiction can be maintained at the individual or collective level;

◆ Management of collective access can use off-the-shelf technologies such as DRM systems, or other software for encrypting hard drives, files and email messages on desktops and laptops;

◆ To maintain good practice and pass audits, organizations should manage their own keys or use encryption keys from a trusted service offered by an encryption software provider;

◆ Keys used in existing encryption technologies such as DRM and hard disk encryption products should be centrally managed within the enterprise using key storage technology; a hardware security module (HSM) should be used to store keys and to perform cryptographic operations such as encryption, decryption, signing and verification;

◆ Enterprise users should go through a registration process that enables encryption operations and other enterprise processes, such as content-aware or format-preserving encryption systems, to access encryption/decryption keys as needed;

◆ Integrate the technical deployment with all components of the company's identity authentication systems, so that authorization decisions are made as part of the process and the keys for encryption and decryption are managed through bundled cryptographic operations;

◆ Use existing systems where possible, such as E-DRM or data leakage prevention (DLP);

◆ Bundling encryption operations and key management into the company's identity authentication system gives the organization the most flexible integration and relies on technology the organization already knows and has audited or tested.

In addition, the following practical suggestions apply specifically to cloud database encryption:

◆ Use standard algorithms. Do not use proprietary, non-standard techniques; proprietary encryption algorithms are unproven and are easily broken;

◆ Avoid old, insecure encryption standards such as the Data Encryption Standard (DES);

◆ Use object security. Even when the data is encrypted, always apply basic object security (including SQL GRANT and REVOKE statements) to restrict access to it;

◆ Do not encrypt primary keys or indexed columns. If you encrypt a primary key, every foreign key that references it must be encrypted as well. If you encrypt an indexed column, queries that have to search on the encrypted value will be slow;

◆ Use a columnar approach to encryption (because big data systems use this approach).


Statement
This article is reproduced from 亿速云. If there is any infringement, please contact admin@php.cn to request deletion.