When you really need to keep sensitive data such as CCs or SSNs, would you:

1) Build your own encryption routine inside the application, define a secret key somewhere in a config file, and then manually encrypt/decrypt the data going to the database.

2) Push the whole problem to the database, using the built-in DB capabilities (I believe most vendors call it Transparent Data Encryption).

What trade-offs have you found with your solution? Does writing your own routine perform poorly compared to TDE? Is code maintainability, or on the other hand DB vendor lock-in, a problem?

I have used a number of encryption techniques, but it's both simpler and more secure to encrypt on the application side using a proven encryption routine (i.e. .NET libraries).

If you encrypt on the database, that means the data is sent back and forth to the database in unencrypted form. This potentially allows for sniffing/tampering between your application and the encryption routines on the database. Even if you keep the key on the application side, it's still needed on the database side to do the encryption. If the database is compromised, your data is at serious risk (think of someone running a profiler while the application runs).

If you encrypt/decrypt in the application, sensitive data (including the key) isn't exposed outside the application server. Someone would need to compromise both the web server and the database server to gain access to all your data.

Also, I'd recommend that you do not roll your own encryption routine. Odds are you'll make a mistake that will reduce the overall security of the solution.


Just adding another factor that will influence your choice. Do you need to query against that encrypted data? If you encrypt at the application level, you will have to bring the data to the application, decrypt it, and work from there. This becomes prohibitive as the data set grows bigger, whereas with database encryption you can filter the data before it is sent back to the application.

I agree with Mayo, but encryption in the DB could simplify the maintenance of the whole system.

Encryption at the application level requires you to manage the keys, the authentication and authorization phase for the keys, and the visualization of the data (in line with what Mayo has written).

If you choose application encryption you have to worry about the correctness of the algorithm not only in the development phase but also in the maintenance phase. You have to implement unit tests for non-regression. You have to manage changes of encryption algorithm, because maybe you'll need a different and better algorithm.

And you have to be sure that encrypted data will always be decryptable. It isn't an obvious thing, because software has bugs and so on. Lost data is worse than clear data :-)

Sure, you can use a well-known encryption library, but all the remaining things are still work for you to do.

Encryption in the DB protects only within the DB, but you can try to use some kind of SSL communication with the DB. I think (but I am not sure) TDE implements this type of secure communication.

The application is used by the user, an untrusted entity. You have to consider that the data in the application is lost. Why? If I want to steal data from a system that implements encryption of the data at the application level or DB level, it could be enough to use a camera to get the data! Very simple!

You have to consider the security of the system, but the functionality too. The more security, the less functionality. I hope my considerations will be useful to you.
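The application-side approach argued for in the first answer (the key stays on the application tier and the database only stores opaque ciphertext) together with the maintenance points raised in the answer above (changing keys or algorithms over time, and making sure stored data can always be decrypted), as an added example that is not from any of the posters: a Go program using the standard library's AES-256-GCM rather than a hand-written routine. The `KeyRing` type, the `v<version>:` token format, the column names and the `demoKey` derivation are all assumptions made for this example; real keys would come from a secret store or KMS outside the code, never from a derivation like `demoKey`.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"errors"
	"fmt"
	"strconv"
	"strings"
)

// KeyRing holds the application-side data-encryption keys, indexed by
// version. The database only ever sees the opaque tokens produced below;
// the keys never leave the application tier. (Example type, not a library.)
type KeyRing struct {
	keys    map[int][]byte // version -> 32-byte AES-256 key
	current int            // version used for new encryptions
}

// NewKeyRing starts a ring with a single key as version 1.
func NewKeyRing(key []byte) (*KeyRing, error) {
	if len(key) != 32 {
		return nil, errors.New("key must be 32 bytes (AES-256)")
	}
	return &KeyRing{keys: map[int][]byte{1: key}, current: 1}, nil
}

// Rotate adds a new key and makes it current. Older versions stay in the
// ring so that every token already stored in the database still decrypts.
func (kr *KeyRing) Rotate(key []byte) (int, error) {
	if len(key) != 32 {
		return 0, errors.New("key must be 32 bytes (AES-256)")
	}
	kr.current++
	kr.keys[kr.current] = key
	return kr.current, nil
}

func gcmFor(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Encrypt seals plaintext with the current key. The column name is bound as
// associated data, so a token copied into a different column fails to open.
// Token format (assumed): "v<version>:<base64(nonce || ciphertext || tag)>".
func (kr *KeyRing) Encrypt(column, plaintext string) (string, error) {
	aead, err := gcmFor(kr.keys[kr.current])
	if err != nil {
		return "", err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return "", err
	}
	sealed := aead.Seal(nonce, nonce, []byte(plaintext), []byte(column))
	return fmt.Sprintf("v%d:%s", kr.current, base64.StdEncoding.EncodeToString(sealed)), nil
}

// Decrypt opens a token under whichever key version the token names.
func (kr *KeyRing) Decrypt(column, token string) (string, error) {
	parts := strings.SplitN(token, ":", 2)
	if len(parts) != 2 || !strings.HasPrefix(parts[0], "v") {
		return "", errors.New("malformed token")
	}
	version, err := strconv.Atoi(parts[0][1:])
	if err != nil {
		return "", errors.New("malformed token version")
	}
	key, ok := kr.keys[version]
	if !ok {
		// This is the "lost data" case: retiring a key before migrating
		// every token that uses it makes those rows unrecoverable.
		return "", fmt.Errorf("no key for version %d: data unrecoverable", version)
	}
	sealed, err := base64.StdEncoding.DecodeString(parts[1])
	if err != nil {
		return "", err
	}
	aead, err := gcmFor(key)
	if err != nil {
		return "", err
	}
	if len(sealed) < aead.NonceSize() {
		return "", errors.New("token too short")
	}
	nonce, ct := sealed[:aead.NonceSize()], sealed[aead.NonceSize():]
	plain, err := aead.Open(nil, nonce, ct, []byte(column))
	if err != nil {
		return "", err // tampered token, wrong key, or wrong column
	}
	return string(plain), nil
}

// Reencrypt migrates a token to the current key version; run it over the
// table after a Rotate, and only then drop the old key from the ring.
func (kr *KeyRing) Reencrypt(column, token string) (string, error) {
	plain, err := kr.Decrypt(column, token)
	if err != nil {
		return "", err
	}
	return kr.Encrypt(column, plain)
}

// demoKey derives a fixed 32-byte key from a label. Constructed for this
// example only so that it runs offline; do not derive real keys this way.
func demoKey(label string) []byte {
	sum := sha256.Sum256([]byte("demo-key:" + label))
	return sum[:]
}

func main() {
	kr, _ := NewKeyRing(demoKey("2023"))
	tok, _ := kr.Encrypt("customers.ssn", "123-45-6789") // constructed sample value
	fmt.Println("stored in DB:", tok)
	kr.Rotate(demoKey("2024"))
	plain, err := kr.Decrypt("customers.ssn", tok) // old token still readable
	fmt.Println("after rotation:", plain, err)
	migrated, _ := kr.Reencrypt("customers.ssn", tok)
	fmt.Println("migrated:", migrated)
}
```

The round-trip, tamper, wrong-column and unknown-version cases are exactly the non-regression checks the answer above asks for, and they should live in the project's test suite so that a library upgrade or algorithm change cannot silently make stored rows unreadable. Note also the trade-off from the second answer: the database cannot filter on these tokens, so any search over the column means fetching and decrypting in the application.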