Enviar búsqueda
Cargar
DB vs. encryption
•
0 recomendaciones
•
111 vistas
T
Tomas Vondra
Seguir
Lightning talk introducing the idea of off-loading encryption to a trusted component.
Leer menos
Leer más
Tecnología
Denunciar
Compartir
Denunciar
Compartir
1 de 19
Descargar ahora
Descargar para leer sin conexión
Recomendados
LDAP Injection
LDAP Injection
NSConclave
App Security and Securing App
App Security and Securing App
Andreas Schranzhofer
Fluentd and Docker - running fluentd within a docker container
Fluentd and Docker - running fluentd within a docker container
Treasure Data, Inc.
Fun with Macros & Other Sneaky Tricks to Avoid Detection - SANS Manchester 2020
Fun with Macros & Other Sneaky Tricks to Avoid Detection - SANS Manchester 2020
Greg Bailey
Fluentd and Docker - running fluentd within a docker container
Fluentd and Docker - running fluentd within a docker container
Treasure Data, Inc.
Secure Code Review 101
Secure Code Review 101
Narudom Roongsiriwong, CISSP
Talking TUF: Securing Software Distribution
Talking TUF: Securing Software Distribution
Docker, Inc.
Shift Left Security
Shift Left Security
gjdevos
Recomendados
LDAP Injection
LDAP Injection
NSConclave
App Security and Securing App
App Security and Securing App
Andreas Schranzhofer
Fluentd and Docker - running fluentd within a docker container
Fluentd and Docker - running fluentd within a docker container
Treasure Data, Inc.
Fun with Macros & Other Sneaky Tricks to Avoid Detection - SANS Manchester 2020
Fun with Macros & Other Sneaky Tricks to Avoid Detection - SANS Manchester 2020
Greg Bailey
Fluentd and Docker - running fluentd within a docker container
Fluentd and Docker - running fluentd within a docker container
Treasure Data, Inc.
Secure Code Review 101
Secure Code Review 101
Narudom Roongsiriwong, CISSP
Talking TUF: Securing Software Distribution
Talking TUF: Securing Software Distribution
Docker, Inc.
Shift Left Security
Shift Left Security
gjdevos
Security in open source projects
Security in open source projects
Jose Manuel Ortega Candel
Zeotap: Moving to ScyllaDB - A Graph of Billions Scale
Zeotap: Moving to ScyllaDB - A Graph of Billions Scale
ScyllaDB
Zeotap: Moving to ScyllaDB - A Graph of Billions Scale
Zeotap: Moving to ScyllaDB - A Graph of Billions Scale
Saurabh Verma
WSO2Con USA 2015: An Introduction to the WSO2 Analytics Platform
WSO2Con USA 2015: An Introduction to the WSO2 Analytics Platform
WSO2
Fluentd - Unified logging layer
Fluentd - Unified logging layer
Treasure Data, Inc.
GDG DevFest Ukraine - Powering Interactive Data Analysis with Google BigQuery
GDG DevFest Ukraine - Powering Interactive Data Analysis with Google BigQuery
Márton Kodok
G Data Retail 2011 English
G Data Retail 2011 English
Daniel Chee
Gartner Security & Risk Management Summit 2018
Gartner Security & Risk Management Summit 2018
Paula Januszkiewicz
Game Analytics at London Apache Druid Meetup
Game Analytics at London Apache Druid Meetup
Jelena Zanko
Coding Security: Code Mania 101
Coding Security: Code Mania 101
Narudom Roongsiriwong, CISSP
Secure Programming
Secure Programming
alpha0
XP Days 2019: First secret delivery for modern cloud-native applications
XP Days 2019: First secret delivery for modern cloud-native applications
Vlad Fedosov
Safeguarding artifact integrity in your Software Supply Chain
Safeguarding artifact integrity in your Software Supply Chain
Giovanni Galloro
OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...
OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...
OpenNebula Project
OpenNebulaConf 2019 - Crytek: A Video gaming Edge Implementation "on the shou...
OpenNebulaConf 2019 - Crytek: A Video gaming Edge Implementation "on the shou...
Dmytro Korzhevin
(In) Security graph database in real world
(In) Security graph database in real world
Miguel Hernández Boza
Enhance system transparency and truthfulness with request tracing
Enhance system transparency and truthfulness with request tracing
Sam Keen
DataEng Mad - 03.03.2020 - Tibero 30-min Presentation.pdf
DataEng Mad - 03.03.2020 - Tibero 30-min Presentation.pdf
Miguel Angel Fajardo
Dynamic Population Discovery for Lateral Movement (Using Machine Learning)
Dynamic Population Discovery for Lateral Movement (Using Machine Learning)
Rod Soto
[PASS Summit 2016] Blazing Fast, Planet-Scale Customer Scenarios with Azure D...
[PASS Summit 2016] Blazing Fast, Planet-Scale Customer Scenarios with Azure D...
Andrew Liu
CREATE STATISTICS - What is it for? (PostgresLondon)
CREATE STATISTICS - What is it for? (PostgresLondon)
Tomas Vondra
Data corruption
Data corruption
Tomas Vondra
Más contenido relacionado
Similar a DB vs. encryption
Security in open source projects
Security in open source projects
Jose Manuel Ortega Candel
Zeotap: Moving to ScyllaDB - A Graph of Billions Scale
Zeotap: Moving to ScyllaDB - A Graph of Billions Scale
ScyllaDB
Zeotap: Moving to ScyllaDB - A Graph of Billions Scale
Zeotap: Moving to ScyllaDB - A Graph of Billions Scale
Saurabh Verma
WSO2Con USA 2015: An Introduction to the WSO2 Analytics Platform
WSO2Con USA 2015: An Introduction to the WSO2 Analytics Platform
WSO2
Fluentd - Unified logging layer
Fluentd - Unified logging layer
Treasure Data, Inc.
GDG DevFest Ukraine - Powering Interactive Data Analysis with Google BigQuery
GDG DevFest Ukraine - Powering Interactive Data Analysis with Google BigQuery
Márton Kodok
G Data Retail 2011 English
G Data Retail 2011 English
Daniel Chee
Gartner Security & Risk Management Summit 2018
Gartner Security & Risk Management Summit 2018
Paula Januszkiewicz
Game Analytics at London Apache Druid Meetup
Game Analytics at London Apache Druid Meetup
Jelena Zanko
Coding Security: Code Mania 101
Coding Security: Code Mania 101
Narudom Roongsiriwong, CISSP
Secure Programming
Secure Programming
alpha0
XP Days 2019: First secret delivery for modern cloud-native applications
XP Days 2019: First secret delivery for modern cloud-native applications
Vlad Fedosov
Safeguarding artifact integrity in your Software Supply Chain
Safeguarding artifact integrity in your Software Supply Chain
Giovanni Galloro
OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...
OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...
OpenNebula Project
OpenNebulaConf 2019 - Crytek: A Video gaming Edge Implementation "on the shou...
OpenNebulaConf 2019 - Crytek: A Video gaming Edge Implementation "on the shou...
Dmytro Korzhevin
(In) Security graph database in real world
(In) Security graph database in real world
Miguel Hernández Boza
Enhance system transparency and truthfulness with request tracing
Enhance system transparency and truthfulness with request tracing
Sam Keen
DataEng Mad - 03.03.2020 - Tibero 30-min Presentation.pdf
DataEng Mad - 03.03.2020 - Tibero 30-min Presentation.pdf
Miguel Angel Fajardo
Dynamic Population Discovery for Lateral Movement (Using Machine Learning)
Dynamic Population Discovery for Lateral Movement (Using Machine Learning)
Rod Soto
[PASS Summit 2016] Blazing Fast, Planet-Scale Customer Scenarios with Azure D...
[PASS Summit 2016] Blazing Fast, Planet-Scale Customer Scenarios with Azure D...
Andrew Liu
Similar a DB vs. encryption
(20)
Security in open source projects
Security in open source projects
Zeotap: Moving to ScyllaDB - A Graph of Billions Scale
Zeotap: Moving to ScyllaDB - A Graph of Billions Scale
Zeotap: Moving to ScyllaDB - A Graph of Billions Scale
Zeotap: Moving to ScyllaDB - A Graph of Billions Scale
WSO2Con USA 2015: An Introduction to the WSO2 Analytics Platform
WSO2Con USA 2015: An Introduction to the WSO2 Analytics Platform
Fluentd - Unified logging layer
Fluentd - Unified logging layer
GDG DevFest Ukraine - Powering Interactive Data Analysis with Google BigQuery
GDG DevFest Ukraine - Powering Interactive Data Analysis with Google BigQuery
G Data Retail 2011 English
G Data Retail 2011 English
Gartner Security & Risk Management Summit 2018
Gartner Security & Risk Management Summit 2018
Game Analytics at London Apache Druid Meetup
Game Analytics at London Apache Druid Meetup
Coding Security: Code Mania 101
Coding Security: Code Mania 101
Secure Programming
Secure Programming
XP Days 2019: First secret delivery for modern cloud-native applications
XP Days 2019: First secret delivery for modern cloud-native applications
Safeguarding artifact integrity in your Software Supply Chain
Safeguarding artifact integrity in your Software Supply Chain
OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...
OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...
OpenNebulaConf 2019 - Crytek: A Video gaming Edge Implementation "on the shou...
OpenNebulaConf 2019 - Crytek: A Video gaming Edge Implementation "on the shou...
(In) Security graph database in real world
(In) Security graph database in real world
Enhance system transparency and truthfulness with request tracing
Enhance system transparency and truthfulness with request tracing
DataEng Mad - 03.03.2020 - Tibero 30-min Presentation.pdf
DataEng Mad - 03.03.2020 - Tibero 30-min Presentation.pdf
Dynamic Population Discovery for Lateral Movement (Using Machine Learning)
Dynamic Population Discovery for Lateral Movement (Using Machine Learning)
[PASS Summit 2016] Blazing Fast, Planet-Scale Customer Scenarios with Azure D...
[PASS Summit 2016] Blazing Fast, Planet-Scale Customer Scenarios with Azure D...
Más de Tomas Vondra
CREATE STATISTICS - What is it for? (PostgresLondon)
CREATE STATISTICS - What is it for? (PostgresLondon)
Tomas Vondra
Data corruption
Data corruption
Tomas Vondra
CREATE STATISTICS - what is it for?
CREATE STATISTICS - what is it for?
Tomas Vondra
PostgreSQL performance improvements in 9.5 and 9.6
PostgreSQL performance improvements in 9.5 and 9.6
Tomas Vondra
PostgreSQL na EXT4, XFS, BTRFS a ZFS / FOSDEM PgDay 2016
PostgreSQL na EXT4, XFS, BTRFS a ZFS / FOSDEM PgDay 2016
Tomas Vondra
PostgreSQL na EXT4, XFS, BTRFS a ZFS / OpenAlt
PostgreSQL na EXT4, XFS, BTRFS a ZFS / OpenAlt
Tomas Vondra
PostgreSQL on EXT4, XFS, BTRFS and ZFS
PostgreSQL on EXT4, XFS, BTRFS and ZFS
Tomas Vondra
Performance improvements in PostgreSQL 9.5 and beyond
Performance improvements in PostgreSQL 9.5 and beyond
Tomas Vondra
Postgresql na EXT3/4, XFS, BTRFS a ZFS
Postgresql na EXT3/4, XFS, BTRFS a ZFS
Tomas Vondra
PostgreSQL on EXT4, XFS, BTRFS and ZFS
PostgreSQL on EXT4, XFS, BTRFS and ZFS
Tomas Vondra
Novinky v PostgreSQL 9.4 a JSONB
Novinky v PostgreSQL 9.4 a JSONB
Tomas Vondra
PostgreSQL performance archaeology
PostgreSQL performance archaeology
Tomas Vondra
Výkonnostní archeologie
Výkonnostní archeologie
Tomas Vondra
Český fulltext a sdílené slovníky
Český fulltext a sdílené slovníky
Tomas Vondra
SSD vs HDD / WAL, indexes and fsync
SSD vs HDD / WAL, indexes and fsync
Tomas Vondra
Checkpoint (CSPUG 22.11.2011)
Checkpoint (CSPUG 22.11.2011)
Tomas Vondra
Čtení explain planu (CSPUG 21.6.2011)
Čtení explain planu (CSPUG 21.6.2011)
Tomas Vondra
Replikace (CSPUG 19.4.2011)
Replikace (CSPUG 19.4.2011)
Tomas Vondra
PostgreSQL / Performance monitoring
PostgreSQL / Performance monitoring
Tomas Vondra
Más de Tomas Vondra
(19)
CREATE STATISTICS - What is it for? (PostgresLondon)
CREATE STATISTICS - What is it for? (PostgresLondon)
Data corruption
Data corruption
CREATE STATISTICS - what is it for?
CREATE STATISTICS - what is it for?
PostgreSQL performance improvements in 9.5 and 9.6
PostgreSQL performance improvements in 9.5 and 9.6
PostgreSQL na EXT4, XFS, BTRFS a ZFS / FOSDEM PgDay 2016
PostgreSQL na EXT4, XFS, BTRFS a ZFS / FOSDEM PgDay 2016
PostgreSQL na EXT4, XFS, BTRFS a ZFS / OpenAlt
PostgreSQL na EXT4, XFS, BTRFS a ZFS / OpenAlt
PostgreSQL on EXT4, XFS, BTRFS and ZFS
PostgreSQL on EXT4, XFS, BTRFS and ZFS
Performance improvements in PostgreSQL 9.5 and beyond
Performance improvements in PostgreSQL 9.5 and beyond
Postgresql na EXT3/4, XFS, BTRFS a ZFS
Postgresql na EXT3/4, XFS, BTRFS a ZFS
PostgreSQL on EXT4, XFS, BTRFS and ZFS
PostgreSQL on EXT4, XFS, BTRFS and ZFS
Novinky v PostgreSQL 9.4 a JSONB
Novinky v PostgreSQL 9.4 a JSONB
PostgreSQL performance archaeology
PostgreSQL performance archaeology
Výkonnostní archeologie
Výkonnostní archeologie
Český fulltext a sdílené slovníky
Český fulltext a sdílené slovníky
SSD vs HDD / WAL, indexes and fsync
SSD vs HDD / WAL, indexes and fsync
Checkpoint (CSPUG 22.11.2011)
Checkpoint (CSPUG 22.11.2011)
Čtení explain planu (CSPUG 21.6.2011)
Čtení explain planu (CSPUG 21.6.2011)
Replikace (CSPUG 19.4.2011)
Replikace (CSPUG 19.4.2011)
PostgreSQL / Performance monitoring
PostgreSQL / Performance monitoring
Último
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
Pixlogix Infotech
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
Radu Cotescu
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
RTylerCroy
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
naman860154
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
hans926745
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
Anna Loughnan Colquhoun
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
Puma Security, LLC
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
sudhanshuwaghmare1
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
wesley chun
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
The Digital Insurer
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
Earley Information Science
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Neo4j
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
Maria Levchenko
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
Michael W. Hawkins
Último
(20)
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
DB vs. encryption
1.
DB vs. encryption
2.
credit card numbers
3.
credit card numbers (or
anything sensitive)
4.
full-disk encryption ● ● ● ● pgcrypto
5.
full-disk encryption ● data-at-rest
protection (theft of device) ● SQL injection ● filesystem-level access ● evil DBA pgcrypto
6.
full-disk encryption ● data-at-rest
protection (theft of device) ● SQL injection ● filesystem-level access ● evil DBA pgcrypto ● data-in-flight protection ● easy to leak key into logs / monitoring systems
7.
application-level encryption
8.
application (encrypt + decrypt) database
9.
can't compare /
hash values => no indexing, aggregation, ...
10.
can't compare /
hash values => no indexing, aggregation, ... (a lot of processing moves to app)
11.
So what can
we do about it?
12.
application (encrypt + decrypt) database
13.
application (encrypt + decrypt) database crypto (compare)
14.
application (encrypt + decrypt) database crypto (compare) compare(A,B)
15.
application (encrypt + decrypt) database crypto (compare) compare(A,B) -1/0/1
16.
application (encrypt + decrypt) database ●
CREATE INDEX ● GROUP BY ● WHERE crypto (compare)
17.
host B host C application (encrypt
+ decrypt) database ● CREATE INDEX ● GROUP BY ● WHERE crypto (compare) host A TCP
18.
host B TrustZone /
SGX HSM / usbarmory application (encrypt + decrypt) database ● CREATE INDEX ● GROUP BY ● WHERE crypto (compare) host A IPC
19.
https://github.com/tvondra/ccnumber ● PoC /
ugly prototype ● custom encrypted data type ● trusted component (comparator) ● communication over TCP/IP
Descargar ahora