Loading ...
Sorry, an error occurred while loading the content.
 

REVIEW: "Cryptography in the Database", Kevin Kenan

Expand Messages
  • Rob, grandpa of Ryan, Trevor, Devon & Ha
    BKCRPDBS.RVW 20051111 Cryptography in the Database , Kevin Kenan, 2006, 0-321-32073-5, U$44.99/C$62.99 %A Kevin Kenan www.KevinKenan.com %C P.O. Box
    Message 1 of 1 , Feb 6, 2006
      BKCRPDBS.RVW 20051111

      "Cryptography in the Database", Kevin Kenan, 2006, 0-321-32073-5,
      U$44.99/C$62.99
      %A Kevin Kenan www.KevinKenan.com
      %C P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario M3C 2T8
      %D 2006
      %G 0-321-32073-5
      %I Addison-Wesley Publishing Co.
      %O U$44.99/C$62.99 416-447-5101 800-822-6339 bkexpress@...
      %O http://www.amazon.com/exec/obidos/ASIN/0321320735/robsladesinterne
      http://www.amazon.co.uk/exec/obidos/ASIN/0321320735/robsladesinte-21
      %O http://www.amazon.ca/exec/obidos/ASIN/0321320735/robsladesin03-20
      %O Audience a Tech 2 Writing 1 (see revfaq.htm for explanation)
      %P 277 p.
      %T "Cryptography in the Database: the Last Line of Defense"

      The preface states that the intended reader is the technical lead for
      the protection of information in a database. This person should be
      well familiar with databases, and have a passing knowledge of
      cryptography.

      Part one deals with database security. Chapter one states that
      databases are important, and we should protect them. A brief review
      of database concepts (limited to relational databases) and a rather
      longer, and quite complete, overview of cryptography, is in chapter
      two.

      Part two outlines a cryptographic infrastructure. Chapter three
      examines keys and key management. Algorithms, and symmetric block
      algorithm modes, are covered in chapter four. More of key management
      is addressed in chapter five. Chapter six looks at the logical
      (rather than programming) interfaces between encryption, decryption,
      and the application.

      Part three reviews the overall cryptographic project. Chapter seven
      discusses project management. Ways of specifying security aspects of
      the system are suggested in chapter eight, while nine examines design.
      Some general principles for secure implementation are listed in
      chapter ten. Various types of testing are reviewed in chapter eleven.
      Chapter twelve looks at the deployment, monitoring, and removal of an
      application.

      Part four contains sample Java code. There is an explanation of the
      code, and then a key vault, manifest, manager, engine, cryptographic
      service provider, client, exception handling code, and a run of the
      system in operation.

      Rather than an actual text on the special needs of databases for
      cryptography, this is more like a general review of cryptographic
      concepts with some attention paid to examples that would deal with
      certain database issues. The material is sound enough, as far as it
      goes. But those who maintain large databases and wish to see
      practical solutions for the problems they face may be disappointed.

      copyright Robert M. Slade, 2005 BKCRPDBS.RVW 20051111


      ====================== (quote inserted randomly by Pegasus Mailer)
      rslade@... slade@... rslade@...
      My son, beware ... of the making of books there is no end,
      and much study is a weariness of the flesh. - Ecclesiastes 12:12
      http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade
    Your message has been successfully submitted and would be delivered to recipients shortly.