DOI QR코드

DOI QR Code

Technical Architecture for Implementation and Adoption of Database Encryption Solution

데이터베이스 암호화 솔루션 구현 및 도입을 위한 기술적 아키텍처

  • 이병엽 (배재대학교 전자상거래학과) ;
  • 임종태 (충북대학교 정보통신공학과) ;
  • 유재수 (충북대학교 정보통신공학과)
  • Received : 2014.04.29
  • Accepted : 2014.06.05
  • Published : 2014.06.28

Abstract

Through the development of internet mobile devices and online business activation, sensitive data of unspecified user is being easily exposed. In such an open business environment, the outflow of sensitive personal information has often been remarked on recently for which adoption of encryption solution for database became top priority in terms of importance. In 2011, government also legislated for the protection of personal information as an information network law, and is now applying the law to a variety of industries. Firms began to comply with these regulations by establishing various measures for protection of personal information and are now quickly introducing encryption solution to reinforce security of personal information they are managing. In this paper, I present architecture and technological parts that should be considered when introducing security solution.

Keywords

Database Security;Security Architecture;Security Checklist;Protect privacy Information

Acknowledgement

Supported by : 정보통신산업진흥원

References

  1. http://datalossdatabase.org/reportsPublicly Reported Data Breaches by DataLoss데이터베이스, 2005-2008.
  2. Report on IT Security priorities for 2009 by Forrester Research.
  3. http://download.oracle.com/docs/cd/E11882_01/network.112/e10746/asointro.htm#i1008719 Advanced Security Administrator's Guide.
  4. http://download.oracle.com/docs/cd/E11882_01/server.112/e10576/dvintro.htm#CEGBCJCB, Database Vault Administrator's Guide.
  5. http://download.oracle.com/docs/cd/E14472_01/doc.102/e14459/avadm_intro.htm#sthref30, Audit Vault Administrator's Guide.
  6. http://law.go.kr/LSW/lsSc.do?menuId=0&p1=&query=%EC%A0%95%EB%B3%B4%ED%86%B5%EC%8B%A0%EB%A7%9D+%EC%9D%B4%EC%9A%A9%EC%B4%89%EC%A7%84+%EB%B0%8F+%EC%A0%95%EB%B3%B4%EB%B3%B4%ED%98%B8+%EB%93%B1%EC%97%90+%EA%B4%80%ED%95%9C+%EB%B2%95%EB%A5%A0&x=3&y=9
  7. http://www.kisa.or.kr/jsp/public/laws/laws3.jsp
  8. http://olv.moazine.com/rviewer/index.asp
  9. http://blog.daum.net/kcc1335/1890
  10. http://dataloss데이터베이스.org
  11. 김정숙, "소프트웨어 보안을 위한 시큐어 코딩", 한국콘텐츠학회논문지, 제14권, 제1호, pp.386-399, 2014.
  12. 이병엽, 박준호, 유재수, "데이터베이스 규제 준수, 암호화, 접근제어 유형 분류에 따른 체크리스트 구현", 한국콘텐츠학회논문지, 제11권, 제2호, pp.61-68, 2011. https://doi.org/10.5392/JKCA.2011.11.2.061