Securing Data in - PowerPoint PPT Presentation

About This Presentation
Title:

Securing Data in

Description:

Transit and Storage. Sanjay Beri. Co-Founder & Senior Director of Product Management ... Protecting data at the field level in storage is vital ... – PowerPoint PPT presentation

Number of Views:66
Avg rating:3.0/5.0
Slides: 21
Provided by: jorge3
Category:
Tags: data | securing | storage

less

Transcript and Presenter's Notes

Title: Securing Data in


1
  • Securing Data in
  • Transit and Storage
  • Sanjay Beri
  • Co-Founder Senior Director of Product
    Management
  • Ingrian Networks

2
Presentation Goal
How To Protect a Corporations Sensitive Assets
throughout the Web Server and Storage
Infrastructure with a Centralized,
Network-Attached Architecture
3
Speakers Background
  • Ingrian Networks is an application security
    company specializing in protecting the privacy
    and integrity of your data, whether it is in your
    database, being transported via JMS, etc, etc
  • Sanjay Beri holds several patents in the area of
    Internet security, has led the design and
    development of software, firmware and hardware at
    various small to large companies, and is a
    co-founder of Ingrian Networks and responsible
    for their product management and strategy

4
Presentation Agenda or Key Topic Areas
  • What is The Data Privacy Problem?
  • How Do You Solve The Problem?
  • Which Solution Architecture Do You Need?
  • Examples of Using Ingrian NAE
  • Summary

5
The Unprotected Zone
Database Storage Sys NAS
Web Server
Application Server
Network Switch
Client
Firewall
The Internet
AA
SSL
Unprotected transaction zone!
App Firewall
IDS
Sensitive data in the backend is very
vulnerable to internal and external attacks.
6
Unprotected Zone Threats
  • Theft
  • Modification
  • Defacement
  • Unauthorized viewing
  • Fraudulent distribution
  • In general, any other unauthorized or
    unsanctioned activity

For-money hackers
internal threats
competitors
For-fun hackers
7
Area A Inter-Application Server
s
Database Storage Sys NAS
Web Servers
Application Servers
Unprotected transaction zone!
JMS, SOAP, RMI, IIOP, RMI over IIOP, JRMP, or
something else? Regardless of the protocol, the
DATA being transported must be protected against
the many threats, and this must be done in a
manageable fashion.
8
Area B Application Server to Storage
Database Storage Sys NAS
Web Servers
Application Servers
Unprotected transaction zone!
JDBC, ODBC, OLE-DB, or something else? Regardless
of the protocol, the DATA being transported must
be protected against the many threats.
9
Area C Data while in Storage
Database Storage Sys NAS
Web Servers
Application Servers
Unprotected transaction zone!
Oracle9i, DB2, some other database? Server,
mainframe, or something else? NAS, SAN,
etc? Regardless of where the DATA is stored and
how it is stored, the DATA must be must be
protected against the many threats.
10
Vulnerability Summary
Database Storage Sys NAS
Web Servers
Application Servers
A.
B.
C.
Unprotected transaction zone!
11
Remedy for A
Database Storage Sys NAS
Web Servers
Application Servers
A.
Sender Encrypt and Add Integrity
Check Receiver Verify Integrity and Decrypt
Unprotected transaction zone!
12
Remedy for B and C
Database Storage Sys NAS
Web Servers
Application Servers
Sender Encrypt and Integrity Check
or Fingerprint via Keyed Hash or Sign Receiver V
erify Integrity and Decrypt or Fingerprint Data
Again and Compare or Verify Signature
B.
C.
Unprotected transaction zone!
13
Key Considerations for a Solution
  • Security
  • Management and Administration
  • Scalability
  • Ease of Integration and Deployment

14
The Possible Solutions?
  • Solution 1 (only for C) Do it on the Storage
    System (eg. the database)?
  • Solution 2 Do it Per Web/Application Server?
  • Solution 3 Network-Attached Cryptographic
    Services?

Web Servers
Application Servers
Network Switch
Solution 2
Firewall
Solution 1 (only for C)
Database Storage Sys NAS
Solution 3
15
Security Comparison
16
Management Administration
17
Scalability Cost
18
The Best Solution
  • The Network-Attached solution is the best
    solution from all angles
  • Can remedy all 3 (A, B and C) vulnerabilities
  • Does it securely
  • Makes it easy to manage, monitor and administer
  • Does not burden existing infrastructure and
    scales easily

19
Network-Attached Encryption (NAE)
Database Storage Sys NAS
Web Servers
Application Servers
Ingrian Network-Attached Encryption Solution
  • Works with any web or application server
  • Works with any type of content (credit cards,
    passwords, patient records, entire files, images,
    spreadsheets, etc)
  • Works no matter where you store the data (e.g.,
    databases, servers, SANs, NAS, etc.)

20
Summary
  • Protecting data at the field level in storage is
    vital
  • Secure, easily manageable, centralized and
    consolidated key management and cryptography is
    vital
  • Network-Attached Cryptography and Key Management
    is the solution
  • This is what Ingrian Networks provides
  • (www.ingrian.com)
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Securing Data in" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!