问题
I need to design an application that protects some data in a database against root attack. It means, that even if the aggressor takes control over the machine where data is stored or machine with the application server, he can't read some business critical data from the database. This is a customer's requirement. I'm going to encrypt data with some assymetric algorithm and I need some good ideas, where to store private keys, so that data is secure as well as the application usability was quite comfortable? We can assume, for simplicity, that only one key pair is used.
回答1:
I am not sure about the database options, but it's worth to have a look at Oracle Advanced Security(OAS). But, the key is not stored inside the database but in Oracle wallet (OS managed), as far as I can see, compromising this is hard.
OAS supports encryption at tablespace level and at column level. All these, it claims to be performing with no overhead.
回答2:
This is a customer's requirement.
Customer's requirements must be projected onto the real world.
If your application can read some business data, and if the aggresor takes control of your application, then the agressor can read that business data.
Assymetric cryptography won't do magic.
回答3:
The place to store the private key is with the client, and decrypt it only on the client. The data would need to be at no time decrypted, read or passed through the server in unencrypted form.
回答4:
Have a look at this question, especially to the resources mentioned in the original question.
I can endorse the book as an excellent overview of the problems in building this kind of systems.
来源:https://stackoverflow.com/questions/2653180/architecture-of-a-secure-application-that-encrypts-data-in-the-database