• List Price: $54.99
  • Save: $19.32 (35%)
In Stock.
Ships from and sold by Amazon.com.
Gift-wrap available.
Cryptography in the Datab... has been added to your Cart
+ $3.99 shipping
Used: Very Good | Details
Condition: :
Comment: Former Library book. Great condition for a used book! Minimal wear. 100% Money Back Guarantee. Shipped to over one million happy customers. Your purchase benefits world literacy!
Access codes and supplements are not guaranteed with used items.
Have one to sell? Sell on Amazon
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See this image

Cryptography in the Database: The Last Line of Defense Paperback – October 29, 2005

ISBN-13: 978-0321320735 ISBN-10: 0321320735 Edition: 1st

Buy New
Price: $35.67
23 New from $17.62 17 Used from $0.95
Amazon Price New from Used from
"Please retry"
$17.62 $0.95
Free Two-Day Shipping for College Students with Amazon Student Free%20Two-Day%20Shipping%20for%20College%20Students%20with%20Amazon%20Student

$35.67 FREE Shipping. In Stock. Ships from and sold by Amazon.com. Gift-wrap available.

Shop the new tech.book(store)
New! Introducing the tech.book(store), a hub for Software Developers and Architects, Networking Administrators, TPMs, and other technology professionals to find highly-rated and highly-relevant career resources. Shop books on programming and big data, or read this week's blog posts by authors and thought-leaders in the tech industry. > Shop now

Product Details

  • Paperback: 312 pages
  • Publisher: Addison-Wesley Professional; 1 edition (October 29, 2005)
  • Language: English
  • ISBN-10: 0321320735
  • ISBN-13: 978-0321320735
  • Product Dimensions: 7 x 0.7 x 9.2 inches
  • Shipping Weight: 1.4 pounds (View shipping rates and policies)
  • Average Customer Review: 4.3 out of 5 stars  See all reviews (7 customer reviews)
  • Amazon Best Sellers Rank: #984,645 in Books (See Top 100 in Books)

Editorial Reviews

From the Back Cover

Protect Your Enterprise Data with Rock-Solid Database Encryption

If hackers compromise your critical information, the results can be catastrophic. You're under unprecedented pressure—from your customers, your partners, your stockholders, and now, the government—to keep your data secure. But what if hackers evade your sophisticated security mechanisms? When all else fails, you have one last powerful line of defense: database cryptography. In this book, a leading crypto expert at Symantec demonstrates exactly how to use encryption with your own enterprise databases and applications.

Kevin Kenan presents a start-to-finish blueprint and execution plan for designing and building—or selecting and integrating—a complete database cryptosystem. Kenan systematically shows how to eliminate weaknesses, overcome pitfalls, and defend against attacks that can compromise data even if it's been protected by strong encryption.

This book's 3,000 lines of downloadable code examples let you explore every component of a live database cryptosystem, including key vaults and managers, manifests, engines, and providers.

This book's coverage includes

  • Understanding your legal obligations to protect data

  • Constructing a realistic database security threat model and ensuring that you address critical threats

  • Designing robust database cryptographic infrastructure around today's most effective security patterns

  • Hardening your database security requirements

  • Classifying the sensitivity of your data

  • Writing database applications that interact securely with your cryptosystem

  • Avoiding the common vulnerabilities that compromise database applications

  • Managing cryptographic projects in your enterprise database environment

  • Testing, deploying, defending, and decommissioning secure database applications

Cryptography in the Database is an indispensable resource for every professional who must protect enterprise data: database architects, administrators, and developers; system and security analysts; and many others.

© Copyright Pearson Education. All rights reserved.

About the Author

Kevin Kenan leads Symantec's IT application and database security program. In this position, he works with application development teams to ensure that the applications and databases Symantec deploys internally are secure. This work includes specifying cryptographic solutions to protect sensitive information wherever it is stored.

    Prior to his work in Symantec's information security department, Kevin designed and developed applications for Symantec's information technology and product development teams often with an emphasis on security and cryptography. He previously provided enterprise support for Symantec's development tools, and he holds a Bachelor of Science in Mathematics from the University of Oregon.

Customer Reviews

4.3 out of 5 stars
Share your thoughts with other customers

Most Helpful Customer Reviews

15 of 16 people found the following review helpful By Stephen Northcutt on November 2, 2005
Format: Paperback
Iorn mountain, UPS both had very drastic failures this year, backup tapes with thousands of customer records were lost. Everybody in the industry is scrambling to figure out how to encrypt the backup tapes. Most of us feel the option of simply making a backup of already encrypted data is a better choice than piping the backup through an encryption process. This book arrives in our hour of need and it has the feel of a been there, done that author.

The code examples are MySQL and Java 1.4.2 and really helped me understand just what needs to happen. The majority of the book is platform agnostic, so if you run a different platform it will still be valuable.

The book is well written, well edited, well laid out, what you expect to see from Addison-Wesley and Symantec Press.

The only thing that drove me crazy about the book is on page 163, the author recommends HSMs ( Hardware Security Model) for storing the keys to the kingdom, yup, yup, I agree, we all agree. And then he goes on to say, Java 1.4.2 does not support this -- ouch! However, his code examples are a nice work around using AES on the local engine which is good'nuff.

Got sensitive data? Then get this book!
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
13 of 14 people found the following review helpful By Dr Anton Chuvakin on March 9, 2006
Format: Paperback
To be honest, when picking up this book, I was not interested in implementation details and internals of database cryptography (part II), but more in enabling database security by means of encryption (part I). Therefore, I was coming more from the user vs developer perspective. I was even less interested in managing the database cryptographic project.

As a result, I enjoyed the part I on database security with motivations, attacks against databases, threat models and a primer on securing databases with cryptography. If you are "doing security" read part I, if you are implementing database encryption or record hashing - read the rest of the book.

Dr Anton Chuvakin, GCIA, GCIH, GCFA is a recognized security expert and book author. A frequent conference speaker, he also participates in various security industry initiatives and standard organizations. He is an author of a book "Security Warrior" and a contributor to "Know Your Enemy II", "Information Security Management Handbook" and the upcoming "Hacker's Challenge 3". He also published numerous papers on a broad range of security subjects. In his spare time he maintains his security portal [...] and a blog at [...]
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
9 of 10 people found the following review helpful By Charles Hornat - www.infosecwriters.com on November 11, 2005
Format: Paperback
When I pick up a Symantec Press book, I will either love them or dislike them. I never have mixed emotions about them. This book I love. His book should be titled, Database Security. While the primary focus is on encryption, the author dives into several topics I wish some of my past DBAs had known.

The book is divided into four major parts: Database Security, A Crpytographic Infrastructure, The Cryptographic project, and Example Code. I however would calssify the book into two major parts. The first part is reading and understanding some fundamentals that are very important. Throughout this first part, there are many graphical presentations to help the reader understand, in a graphical way, what the author is discussing. This is most visible in the third chapter entitled An overview of Cryptographic Infrastructure.

The second part of the book is actual code written in Java, and designed for plain SQL, the author does confirm that all examples work in MYSQL. The examples give common scenarios such as consumer input. Consumer input requires first name, last name, credit card information, the verification code and other fields. This example discusses and demonstrates a best practice model around that code.

Given the two parts above, this book is solid, and I would have recommended it. However, the author went a step further, and included information on security surrounding the database, penetration testing and methodologies for databases, architecture and design best practices, and so many other important points. This makes this book valuable to anyone working with databases.
Read more ›
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
7 of 8 people found the following review helpful By W Boudville HALL OF FAMETOP 1000 REVIEWERVINE VOICE on November 9, 2005
Format: Paperback
Much attention has been focused on network attacks by crackers, and how to stop these. So powerful software like Snort and Nessus have emerged, with books dedicated to them. But Kenan describes a relatively overlooked situation, where you might have to encrypt your database. The main reason is confidentiality. You don't want unauthorised usage. Either for copying or changing.

Here, you still have to defend against network attacks, possibly by using the above tools. But now there is the chance that your users or sysadmins might have nefarious intent. So the book shows how to design a system such that various columns in a SQL table can be encrypted. Different keys could be used for different columns, though a given key might apply over several columns if you wish.

The book uses a symmetric key cryptosystem. It downplays a PKI system. Those are slower. Plus their forte might be for distributed systems. Here, the scenario is more likely to be a central data centre.

There are several excellent system diagrams that nicely describe the data flow, and the various software (and perhaps hardware) players that make up the system. In essence, there needs to be an entire key management system along with a cryptographic engine. The former handles requests for a key by generating one and an alias for the key. Plus it stashes away the keys, preferably in a separate computer. There is even the necessity for a key to encrypt the keys!

Kenan also explains a "honeycomb". You may have heard of a honeypot, which is a dedicated computer or maybe an email account, that is used to attract crackers and spam. Well, a honeycomb could be a table in the database used for a similar purpose. Or even some rows in a given table.
Read more ›
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again

More About the Author

Discover books, learn about writers, read author blogs, and more.

Set up an Amazon Giveaway

Amazon Giveaway allows you to run promotional giveaways in order to create buzz, reward your audience, and attract new followers and customers. Learn more
Cryptography in the Database: The Last Line of Defense
This item: Cryptography in the Database: The Last Line of Defense
Price: $54.99 $35.67
Ships from and sold by Amazon.com