Purdue CS 42600 - Database Encryption
Computer Security, CS 426, Lecture 22
Database Encryption
Elisa Bertino, Purdue University, IN, [email protected]

The problem
• How to protect the confidentiality of sensitive data in the database?
• Sensitive data examples: credit card numbers, medical data, new product specifications, etc.
• Possible risks to data confidentiality:
  - Use of weak authorization (for example weak or blank passwords) leading to access to confidential information (for example, payrolls) by unauthorized persons
  - Misconfiguration of access control
  - Authorized backdoors into the database (read-only accounts, non-production databases, backups)
  - Database administrators can access, inadvertently or maliciously, online data and backup data
  - SQL injection attacks through a poorly coded Web application

The problem: attackers and protection goals
• Who could be the attackers? How to make their attacks more difficult (aka protection goal)?
  - System and database administrators:
    They may have full access to everything in their administrative domain.
    Protection goal: make it difficult and time-consuming for them to read confidential information; use separation of duties; employment screening.
  - Development staff:
    They have an intimate knowledge of the code; they often obtain troubleshooting read-only rights to the production database to deal with emergency production problems.
    Protection goal: prevent compromise of the data even when they have access to the database.
  - Network intruders:
    A network intruder is an unauthorized person who has gained access to the network. (S)he may attempt to eavesdrop on the communication (for example between the application and the database server) to gather confidential information or authentication credentials, or might attempt to crack the application.
    Protection goal: encrypt communication and use application-level controls.
  - Application crackers:
    They try to circumvent application security to gain unauthorized access. They can be considered like unauthorized users, but they may also be able to impersonate a legitimate user.
    Worst case: the cracker gains administrative privileges.
    Protection goal: make access to the database "difficult" and time-consuming; mitigate SQL injections.
  - Legitimate users:
    (S)he may try to elevate his/her privileges, or to impersonate another legitimate user.
    Protection goal: strong authentication controls.
  - "Traditional thieves":
    They might steal the database or the backup media.
    While database servers are typically kept in locked and limited-access data centres (physical security), backup media might leave the premises and are more exposed to theft.

External requirements
• Legislation requiring the protection of data confidentiality:
  - Health Insurance Portability & Accountability Act (HIPAA)
  - Sarbanes-Oxley Act (SOX)
  - Gramm-Leach-Bliley Act (GLBA)
  - Children's Online Privacy Protection Act (COPPA)
• Business compliance

External requirements: Health Insurance Portability & Accountability Act (HIPAA)
• It requires data safeguards that protect against "intentional or unintentional use or disclosure of protected health information", and
• it mandates "to ensure the confidentiality, integrity and availability of all electronic protected health information the covered entity creates, receives, maintains, or transmits"
• It mandates "to implement a mechanism to encrypt and decrypt electronic protected health information"

External requirements: business compliance
• Payment Card Industry (PCI) Data Security Standard
  - Stored cardholder data must be rendered unreadable, and the standard includes cryptographic methods in the recommended controls
  - Adopted by American Express, Visa, MasterCard and several other payment card companies

The solution
• We have already discussed authentication and access control as means to allow access to the data to authorized persons only
• However, authentication and access control may not be enough (DB administrators can still access and see the data)
• If data are sensitive it is also possible to encrypt them
• Data encryption is the last barrier to protect sensitive data confidentiality

Encrypting the database
• Which type of encryption (symmetric or asymmetric)?
• Encryption vs. obfuscation
• Cryptographic risks
• What should be encrypted?
• Which component should perform the encryption?

Which type of encryption?
• Symmetric key cryptography
  - DES, AES
  - Faster than asymmetric cryptography
  - Pros: performance
  - Cons: key management:
    Since the same key is used both to encrypt and decrypt, the key must be distributed to every entity that needs to work with the data.
    If the key is obtained by an attacker, then confidentiality (and integrity) of data are at risk.
    Once the key is at the decrypting location, it must be secured so that an attacker cannot steal it.
• Asymmetric key (i.e., public-private key) cryptography
  - The keys used to encrypt and decrypt the data are different. This doesn't require a shared secret, BUT
  - it still requires the owner of the keys to keep the private key secret.

Obfuscation
• In cryptography, obfuscation refers to encoding the input data before it is sent to a hash function or other encryption scheme.
• This technique helps to make brute force attacks unfeasible, as it is difficult to determine the correct cleartext.
• In certain cases, obfuscation would be preferable to encryption.
• Example: an audit report on a medical system
  - This report may be generated for an external auditor, and contain sensitive information. The auditor will be examining the report for information that indicates possible cases of fraud or abuse.
  - Assume that the management has required that names, Social Security Numbers and other personal information should not be available to the auditor except on an as-needed basis.
  - The data needs to be presented to the auditor, but in a way that allows the examination of all data, so that patterns in the data may be detected.
  - Encryption would be a poor choice in this case, as the data would be
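One way to realise the audit-report case above, as an added example that is not part of the lecture: identifiers are replaced by keyed-hash pseudonyms (HMAC-SHA256 under a key the data owner keeps and the auditor never receives), so the same patient always maps to the same token and patterns stay detectable, while the auditor cannot recover names or SSNs. The records, the key and the fraud heuristic are constructed for illustration.

```python
import hmac
import hashlib

# Constructed sample rows of an audit report; not real patient data.
RECORDS = [
    {"name": "Alice Smith", "ssn": "123-45-6789", "provider": "P01", "amount": 220},
    {"name": "Alice Smith", "ssn": "123456789", "provider": "P02", "amount": 210},
    {"name": "alice smith", "ssn": "123-45-6789", "provider": "P03", "amount": 215},
    {"name": "Bob Jones", "ssn": "987-65-4321", "provider": "P01", "amount": 90},
]

# Hypothetical report key: held by the data owner, never shipped with the report.
REPORT_KEY = bytes.fromhex("0f" * 32)


def normalize_ssn(ssn: str) -> str:
    """Strip separators so "123-45-6789" and "123456789" yield one token."""
    return "".join(ch for ch in ssn if ch.isdigit())


def pseudonym(field: str, value: str, key: bytes = REPORT_KEY) -> str:
    """Keyed hash of a field value. Deterministic under a given key, so
    repeated values remain linkable; without the key an attacker cannot
    simply hash all 10^9 possible SSNs and look the tokens up. The field
    name is mixed in so equal strings in different columns do not collide."""
    mac = hmac.new(key, field.encode() + b"\x00" + value.encode(), hashlib.sha256)
    return mac.hexdigest()[:16]


def obfuscate_report(records, key: bytes = REPORT_KEY):
    """Return the report with identifying columns replaced by pseudonyms."""
    out = []
    for r in records:
        out.append({
            "name": pseudonym("name", r["name"].strip().lower(), key),
            "ssn": pseudonym("ssn", normalize_ssn(r["ssn"]), key),
            "provider": r["provider"],
            "amount": r["amount"],
        })
    return out


def patients_with_many_providers(report, threshold: int = 3):
    """Auditor-side pattern check that runs on tokens alone: which (pseudonymous)
    patients were billed by at least `threshold` distinct providers?"""
    providers = {}
    for row in report:
        providers.setdefault(row["ssn"], set()).add(row["provider"])
    return sorted(tok for tok, p in providers.items() if len(p) >= threshold)
```

With randomised encryption of the SSN column instead, the three Alice rows would carry three unrelated ciphertexts and the provider-count check would find nothing.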