Re: Database Encryption (now required by law in Italy)

From: Silvana Di Martino <silvanadimartino(at)tin(dot)it>
To: Stephan Szabo <sszabo(at)megazone(dot)bigpanda(dot)com>
Cc: Alex Page <alex(dot)page(at)cancer(dot)org(dot)uk>, pgsql-admin(at)postgresql(dot)org
Subject: Re: Database Encryption (now required by law in Italy)
Date: 2004-03-05 21:39:49
Message-ID: 200403052137.51384.silvanadimartino@tin.it
Lists: pgsql-admin

At 20:14, Friday 5 March 2004, Stephan Szabo wrote:
> > Unfortunately, the new Italian law forces us to take seriously into
> > account this catastrophic scenario and another one that is almost as
> > worrying: an unfaithful SysAdmin that copies your data and sells them to
> > KGB. So, database encryption (and not disk encryption) is the _only_
> > answer.
>
> But since your sysadmin (if not trusted) could go behind your back and
> replace the database, any applications that are using the data, etc, I'm
> not sure that's even sufficient.

Replacing the RDBMS engine and/or the "client" application would be useless:
the "cracker" still needs the password to access the encrypted data.

> > > Of course, this loopback encryption with a boot-time passphrase may
> > > fail if they take the rackmount UPS as *well*, and keep the machine
> > > powered at all times ;)
> >
> > The server should listen to the (encrypted/digitally signed) "Heartbeat"
> > of a password server through the net to prevent this kind of attack.
>
> That'll help prevent this sort of attack (although it doesn't entirely unless
> you can guarantee that the password server cannot be taken at the same
> time) but also gives you a remote point of failure.

Right.

See you

-----------------------------------------
Alessandro Bottoni and Silvana Di Martino
alessandrobottoni(at)interfree(dot)it
silvanadimartino(at)tin(dot)it
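
The heartbeat check discussed in this message, sketched as an added example (not code from the thread or from PostgreSQL): the database host keeps the data key in memory only while authenticated, fresh heartbeats keep arriving. Assumptions: HMAC-SHA256 with a shared key stands in for the "digitally signed" heartbeat, and the names `make_heartbeat`, `HeartbeatGuard`, `MAX_SKEW` and `TIMEOUT` and their values are hypothetical.

```python
import hashlib
import hmac
import struct

MAX_SKEW = 5.0   # assumed: max seconds between heartbeat timestamp and local clock
TIMEOUT = 15.0   # assumed: seconds without a valid heartbeat before the key is dropped

def make_heartbeat(auth_key: bytes, counter: int, now: float) -> bytes:
    """Password-server side: counter + timestamp, authenticated with HMAC-SHA256."""
    body = struct.pack(">Qd", counter, now)
    return body + hmac.new(auth_key, body, hashlib.sha256).digest()

class HeartbeatGuard:
    """Database-host side: releases the data key only while heartbeats are current."""

    def __init__(self, auth_key: bytes, data_key: bytes, now: float):
        self._auth_key = auth_key
        self._data_key = bytearray(data_key)
        self._last_counter = -1
        self._last_valid = now

    def receive(self, msg: bytes, now: float) -> bool:
        if len(msg) != 16 + 32:
            return False
        body, tag = msg[:16], msg[16:]
        expected = hmac.new(self._auth_key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return False                  # forged or corrupted heartbeat
        counter, sent_at = struct.unpack(">Qd", body)
        if counter <= self._last_counter:
            return False                  # replay of a captured heartbeat
        if abs(now - sent_at) > MAX_SKEW:
            return False                  # stale: delayed or recorded earlier
        self._last_counter, self._last_valid = counter, now
        return True

    def data_key(self, now: float):
        """Return the key, or None once heartbeats have been missing too long."""
        if self._data_key is not None and now - self._last_valid > TIMEOUT:
            # Best-effort wipe; Python may still hold other copies in memory.
            for i in range(len(self._data_key)):
                self._data_key[i] = 0
            self._data_key = None         # stays dropped until re-provisioned
        return bytes(self._data_key) if self._data_key is not None else None
```

A password-server outage longer than `TIMEOUT` drops the key just as a stolen machine would, which is the remote point of failure raised in the quoted reply.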
