[ale] [OT] TDE - effective, theatre or in between?

Jim Kinney jim.kinney at gmail.com
Fri Aug 9 16:05:46 EDT 2013


Yay! Someone else having HIPAA fun!

I would argue LOUDLY that unless the DB supports something as potent as
SEPOSTGRES (column locking at the kernel level) and a fully-encrypted
filesystem, then it's not safe to even consider it. That will block out M$
AND Oracle :-)

Row-level locking with sepostgres is not ready for primetime.

Now talk to them about MLS security and watch their eyes pop.


On Fri, Aug 9, 2013 at 3:36 PM, Sid Lane <jakes.dad at gmail.com> wrote:

> can anyone cite a known PII/PHI breach which, all else equal, TDE would have
> prevented?  if not, can you describe such a hypothetical breach (again, all
> else equal)?  no points for lost unencrypted backups - that's operator
> error & trivially avoided.
>
> I've been tasked with developing & deploying a database encryption
> strategy for HIPAA-governed PHI & have lots of people touting M$ and/or
> Oracle TDE.  I've put a fair bit of effort into studying each and I'm
> having a hard time envisioning actual vectors and/or real world attacks
> against which they would protect (again, all else equal).  as near as I can
> tell they DO guarantee that your backups are encrypted which does have
> merit but there are dozens of non-TDE (virtually all far cheaper) to
> encrypt a database backup.  additionally, as near as I can tell they
> decrypt into shared memory & may (but don't require) re-encrypt for
> transport (SSL to client).  am I wrong on these points?
>
> I was on a call today w/a vendor where it was asked:  "well, what if they
> physically steal your server?"  to which I replied:  "well, they'd have a
> nice doorstop since the database is on SAN" which naturally begged:  "well,
> what if they steal your SAN?" - um, if someone's able to steal a
> multi-cabinet VSP in under four hours without at least six people & a
> pallet jack & get it off your dock, then database encryption (or lack
> thereof) may not be your highest priority...
>
> I realize we're probably still going to have to do it anyway to appease
> auditors, govt, etc - I just want to know if there's something I'm missing
> that will convince me this is substantive & not theatre...
>
> thanks!
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
>


-- 
James P. Kinney III

"Every time you stop a school, you will have to build a jail. What you gain
at one end you lose at the other. It's like feeding a dog on his own tail.
It won't fatten the dog."
- Speech 11/23/1900 Mark Twain

http://heretothereideas.blogspot.com/