Database Encryption Solutions
Implementing Encryption Inside the DBMS
Tricryption software enhances application and Database Management System (DBMS) security when accessing and utilizing relational databases. It encrypts and decrypts data at the row, column, and element level also securing data-to-data relationships by encrypting the relational database table links. A co-located or separate linked key server and related key database supports the key management and data encryption.
Data encryption functions are supported by applications accessing all standard relational databases, or directly on database servers running a limited number of DBMSs (Oracle and MS SQL only).
Tricryption data level encryption solutions support:
All major relational databases (DB2, Oracle, MS SQL, MySQL…)
Programming languages: C, C++, Java, and COM/.Net
Server independence; IBM WebSphere optimized
Granular database encryption: row, column, and cell
Data relationship encryption (table to table in RDBMS)
Broad to granular key to encrypted data mapping
Tricryption enables granular relational database encryption at the row, column, data element, and data-to-data relationship levels, providing users with flexible and tailored data security solutions that can be optimized for security, query response, and enterprise architectures.
There are many database encryption option combinations within Tricryption. File level encryption within a Relational Database can be supported by our File Level Encryption product (Please visit the File Level Encryption Page). For granular database encryption there are two main options:
Application Based Database Encryption:
Tricryption supports integration with stand-alone applications or those hosted on application servers. Through use of our Application Server Agent, developers may integrate encryption functions and make their applications ‘Tricryption aware’. This is accomplished through use of libraries that facilitate development in C, C++, Java 2 Standard Edition (J2SE) and Java 2 Enterprise Edition (J2EE), and COM/.Net. All Tricryption cryptographic and management functions are exposed via an API enabling developers to integrate functions into the targeted application. There are two categories of application integration supported by Tricryption:
Developers can integrate functionality to targeted applications through supported programming languages (C, C++, Java J2SE, and COM/.Net). Integration is OS independent. Application Servers: Developers can integrate functionality to applications hosted on servers through supported programming languages (Java J2EE & COM/.Net). Java integration is OS independent, while COM/.Net supports Microsoft Internet Information Server (IIS). J2EE also supports Tricryption IBM WebSphere optimization as well as BEA Web Logic application.
Whether standalone or application server based, Tricryption supports all industry standard Relational Databases Relational Database Management System (RDBMS) Encryption: Tricryption can also be integrated into RDBMS database servers through the use of our APIs and SQL-92 Standard (Transitional/NIST). Developers can create linkages from the RDBMS to Tricryption Services through several ways. Databases supporting this option include Oracle and Microsoft SQL Server.
Granular Database Benefits:
Tricryption granular encryption and key management represent a significant advantage to customers that require flexibility in both implementation and operational use. The flexibility benefits include:
Encrypted Data Granularity:
Tricryption allows row, column, and cell level encryption and also allows the user to select RDBMS table-to-table relationships for encryption.
Implementation Options: Tricryption can be integrated into stand-alone applications, application servers, and database servers supporting nearly all commonly used relational databases used today.
Selectable Security & Performance Levels: An organization may optimize its system with regards to security versus response. Key to data mapping and key server scaling are a few of the options that Tricryption provides. You can select the security and response you need.
Insider Threat Mitigation: System and database administrators can perform their duties without access to data content. Backups and other tasks are supported as usual.