Column level encryption
This article has multiple issues. Please help improve it or discuss these issues on the talk page. (Learn how and when to remove these messages)
|
Column level encryption is a type of database encryption method that allows user to select specific information or attributes to be encrypted instead of encrypting the entire database file. To understand why column level encryption is different from other encryption methods like file level encryption, disk encryption, and database encryption, a basic understanding of encryption is required.
Generally, when data are being collected and stored as records, those records will appear in a tabular format in rows in the database with each rows logging specific attributes. Some data can be more sensitive than others, for example, date of birth, social security number, home address, etc., which can act as a personal identification. In order to ensure that these private information is transferred and stored securely, data goes through encryption, which is the process of encoding plaintext into ciphertext. Non-designated readers or receivers will not be able to read the data without the decryption key. Another example to illustrate this concept is, given a database stores client's phone numbers. The set of phone numbers will appear to most readers as gibberish alphanumerical text with a mix of symbols, totally useless to those who do not have access privilege to view the data in plaintext (original form).
Because not all stored data are always sensitive and important, column level encryption was created to allow users the flexibility in choosing what sort of attributes should or should not be encrypted. This is to minimize performance disruption when executing crypto algorithms by moving data in and out of devices.
Application and advantages
[edit]The technology has been adopted by many encryption software companies around the world, including IBM, MyDiamo (Penta Security), Oracle and more. Column level encryption does not store the same encryption key like table encryption does but rather separate keys for each column. This method minimizes the probability of unauthorized access.
Advantages of column-level encryption
[edit]Advantages of column-level encryption:[1]
- Flexibility in data to encrypt. The application can be written to control when, where, by whom, and how data is viewed
- Transparent encryption is possible
- More secure as each column can have its own unique encryption key within the database
- Encryption is possible when data is active and not just “at rest”
- Retrieval speed is maintained because there's less encrypted data
See also
[edit]- Row-level security, restriction on database access to specific rows based on user roles
References
[edit]- ^ "Differences Between Whole Database and Column Encryption". NetLib Security. 2016-01-21. Retrieved 2018-07-30.