 |
 |
 |
|
Contact
|
|
 |
|
 |
|
SafeLogic
27-29, rue Raffet
75016 Paris - FRANCE
| Tel |
+33 (0)1 45 72 25 15 |
| Fax |
+33 (0)1 45 72 14 06 |
|
|
 |
|
 |
|
SafeJDBC
|
Java Driver for Plug-and-Play SQL Encryption
Utilizing strong encryption to ensure SQL database security
is now fast and easy with the SafeJDBC Java Driver and its extensions
(C/C++, C#, Visual Basic, and .NET).
|
|
Security Threats to SQL Data
Enterprise SQL databases (DBMS) contain strategic information
that is both sensitive and confidential:
- Customer databases.
- Product databases.
- Employee databases (histories, salaries, private data).
- E-commerce databases (credit card numbers, transactions,
B2B).
and is therefore a potential target for:
- Competitors.
- Malicious insiders (the vast majority of attacks on SQL
data).
- Internet hackers.
SQL security measures habitually use:
- The native access restrictions and privileges provided
by the DBMS (login/password, GRANT/REVOKE).
- SSL or tunnels to secure the data flows between application
server and DBMS.
These measures do not protect the content of the database,
however, because the data files used by the SQL DBMS are stored
unencrypted.
An attacker accessing the SQL server physically or via the network
can still obtain your company's confidential or strategic data.
|
|
Securing SQL Databases with Encryption: Advantages and Disadvantages
The most reliable solution
for protecting sensitive data is to establish a procedure
to implement strong encryption at the application level, outside
the SQL DBMS. This is the approach recommended by security
experts (see the excellent White
Paper by RSA Security).
Encryption protects data in all cases: network intrusion, database dump, theft
of the hard drive.
This application-based approach does have disadvantages, however:
- New development efforts required (strong encryption).
- Applications must be rewritten.
- New test sets to create before deployment.
SafeJDBC eliminates these disadvantages by adding an application layer
for the SQL data encryption, with no changes to exisiting code
and no new development efforts required.
|
Buy your license online  |
|
Plug-and-Play Encryption of SQL Data Without Rewriting Code
There are two ways of calling SafeJDBC :
1. As a pure JDBC Driver
SafeJDBC is loaded as any JDBC Driver. The class name is "com.safejdbc.api.Driver":
| Call as a pure JDBC Driver
|
String sDriver = "com.safejdbc.api.Driver";
Class.forName(sDriver).newInstance();
Connection connection = DriverManager.getConnection(sDbUrl, prop);
|
The SafeJDBC driver is configured through an initialization file
which contains the connexion parameters for the wrapped driver
(class name, URI, login, etc.).
2. Call and configuration in the initialization Java code
SafeJDBC is declared at application startup, with 4 lines of code:
| Before
|
Class.forName(sNativeDriver).newInstance();
Connection connection = DriverManager.getConnection(sDbUrl);
|
| After
|
SafeJdbcSetter sjSetter = SafeJdbcSetter.getInstance();
sjSetter.setWrappedDriverName(sNativeDriver);
sjSetter.setSafeJdbcDbUrl(sJdbcUrl);
sjSetter.setKey(sUserId, caPassphrase);
Class.forName(sDriver).newInstance();
Connection connection = DriverManager.getConnection(sDbUrl);
|
SafeJDBC automatically encrypts and decrypts the data on the
fly, while using the existing application code.
The plug-and-play technology of SafeJDBC secures SQL databases
in order to achieve the following:
- Utilization of strong
encryption to secure confidential data in databases.
- Plug-and-play for
simple and immediate integration with existing applications.
- Minimal impact on
SQL performance.
- Interfaces with
the leading SQL DBMS products (open source and proprietary):
Microsoft SQL Server, DB2, Oracle, Sybase, Informix, PostgreSQL,
MySQL, etc.
With SafeJDBC, confidential
SQL data are always secure:
- The data are stored in encrypted form in the DBMS tables.
- The DBMS memory contains encrypted data.
- Exchanges between the SQL server and application server
are encrypted.
It is impossible for an attacker to use any content obtained
during an attack or intrusion, because the data are encrypted
with an unknown key.
|
| Buy your license online |
|
Uses
- Customer information.
- Employee records.
- Research & Development data.
- Financial and commercial data.
- E-commerce transactions (credit card numbers).
|
|
Examples
Inserting secure data with SafeJDBC:
Selecting secure data with SafeJDBC:
|
|
Technology and Characteristics of SafeJDBC
- SafeJDBC is a universal plug-and-play JDBC driver:
- SafeJDBC directly integrates with the Java client
code, with no additional development required.
- SafeJDBC runs with any JDBC driver (2.x or 3.0).
- SafeJDBC is available for any SQL 92 DBMS that has
a JDBC client.
- SafeJDBC takes into consideration SQL performance issues
and data handling constraints:
- No accessing the SQL catalog.
- Encryption operations occur only in the client application,
within the JVM (Java Virtual Machine).
- No additional traffic between the application server
and SQL server.
- Little or no impact on SQL runtimes.
|
|
Advantages of SafeJDBC
- Designed to provide immediate data security while accommodating
existing applications and production constraints.
- Deployment is fast, reliable, flexible, and economical.
- Data can be transported risk-free between an application
server and a DBMS server (without using SSL).
- Provides a central policy for maintaining data confidentiality
in a multidatabase environment.
|
| Buy your license online |
|
To find out more
See our:
Technical brief.
This includes:
- A factsheet (types of SQL handled, encryption keys and
algorithms, technical requirements, etc.).
- Availability for other languages and development environments
(C/C++, C#, Visual Basic, .Net).
User Guide.
- Installation Guide
- Getting started
- Examples
Javadoc.
- Complete and detailled decription of SafeJDBC API
|
|
