December 22, 2005


Cryptography in the Database: The Last Line of Defense. By Kevin Kenan. Symantec Press/Addison-Wesley. $44.99.

     Encryption can contain the seeds of its own undoing.  Sony BMG Music discovered this when it included a hidden file to prevent certain forms of use of songs on several dozen of its CD releases, only to have hackers take advantage of the file’s invisibility and nonremovability to create malware on computers whose owners were unknowingly running the automatically installed code.  The major public embarrassment for Sony BMG led to a recall of nearly five million CDs, removal programs being created by Microsoft and (ineffectively) by Sony itself, and (of course) a spate of lawsuits.

     Despite cautionary examples such as this one, any database manager knows that protection of information is crucial – and, in many cases, a legal obligation.  Kevin Kenan, who leads Symantec Corporation’s information technology application and database security program, protects data for a living.  In this book, he shows other database managers how to do it.

     Understanding the book’s audience is important.  The first of this book’s four parts, “Database Security,” contains a great deal of information that a reasonably well-informed computer user will be able to understand and that will add to his or her knowledge of the environment in which data are created, collected, protected and compromised today.  But the three other parts of the book – “A Cryptographic Infrastructure,” “The Cryptographic Project” and “Example Code” – are strictly for professionals who handle corporate databases.

     Those professionals will find an exceptionally to-the-point presentation here, starting with a basic philosophical overview (“the more data a key encrypts, the weaker it becomes”) and continuing step by step through creation of a well-protected database from the initial “state of primordial innocence” through completion.  Kenan shows not only how to build a database that is secure from outside intrusion but also how to make sure it cannot be compromised from within: have different programmers work on different security-sensitive components, make different system administrators responsible for different areas, etc.  Any reader who thinks this approach steps over the line from security consciousness to paranoia needs to read more news headlines about data disruption and compromise.

     Kenan shows how to design, build and test an encrypted database, and how to decommission one that is no longer needed.  His “Example Code” section, the longest part of the book, gives precise technical instructions about code needed to implement the recommendations in the previous sections.  So what is to prevent hackers from reading Kenan’s book, learning his techniques and figuring out how to compromise them?  In theory, this cannot happen, since Kenan’s encryption system changes protective elements constantly in ways that are not predictable.  In practice, of course, purveyors of malware continue to surprise data defenders with their adaptability and cleverness at finding chinks in systems’ armor.  So Kenan’s road map should be seen as an excellent way to find a route to protection against today’s known threats – but should not be considered the be-all and end-all of data defense.  New attacks, in new forms, are a virtual certainty.

No comments:

Post a Comment