Encryption: All your (data) base are NOT belong to us!
If you were growing up during the personal computer boom you may notice that the title of this post is a joke with another joke. For details on that check the Wikipedia or the flash animation.
This is just a pretext to introduce a very serious subject. You probably know that Informix IDS can encrypt column data, but you may also know that it has some disadvantages (you cannot index encrypted data, you may have to change the applications etc.). There's nothing wrong with column encryption, but as with most of the features is has advantages and disadvantages.
Another option for encryption is to encrypt the files containing the data (chunks in IDS language). This brings up several questions:
- Performance
If you're doing data encryption you're consuming CPU cycles - Ease of use
Is it transparent to the database? And to the application? - Privilege users access
Can root work around the encryption? Usually, being root is like being God...
IBM has just released fixpack 1.1.3 of this product, which is the first version to support IDS (versions 11.10FC2 and 11.50). You can get more info about it at the product page ( http://www.ibm.com/software/data/db2imstools/database-encryption-expert/ ).
Up to now, it was certified for use with DB2, so it's probable that you find several references of the two products together. One of them which I find interesting, is a video showing it working with DB2, by Belal Tassi, a colleague from IBM Information Management:
As you can see from the product page, the fixpack Readme and the video above, it's transparent for the database, for the application and it can be setup to be safe even from root. It's also able to encrypt backups (it would be a breach of security to have your data encrypted and keep your backups without encryption). Hint: Version 11.10 introduced backup and restore filters...
The platforms supported at the moment are:
- AIX (64-bit):
- Linux (64-bit): Red Hat Advanced Server 4.0 Update 4
- Solaris 9
- Solaris 10 update 2
- Windows
Supported file systems
- Windows: NTFS
- AIX: JFS, JFS2, NFS, VxFS
- Solaris: UFS, NFS, VxFS
- RedHat: EXT3, NFS, VxFS
2 comments:
The manual that describes how to configure Encryption Expert with IDS is here: http://publib.boulder.ibm.com/epubs/pdf/eetuga13.pdf.
(from Inge Halilovic, ingeh@us.ibm.com)
Recently I downloaded the evaluation software for Informix dynamic server enterprise 11.5. I was expected that the excalibur text search is included but it is not included. Do you think there is available download for excalibur for evaluation?
Post a Comment