This is Anton Chuvakin original blog (pre-Gartner) that I will now use to backup my Medium blog content (2023+)
I liked this article. Recently we reviewed a proposed DB encryption scheme that commited the 4th mistake. Intuitively this seemed wrong. We wrote this up, said "you can't do that." But I would like to offer an alternative, really would like to find and specify something of an industry standard approach. So far found nothing. Have you seen anything bordering on a standard approach to DB encryption that meets with your approval?
Yeah, I've seen some db encryption where keys are elsewhere; to be honest, I forgot what the names were; I suspect that just googling for "database encryption" will unearth then ...
Post a Comment