Date post: | 08-Apr-2016 |
Category: |
Documents |
View: | 221 times |
Download: | 0 times |
1. DB Security Software
▫ The world’s first open source license distribution Official open source project site : dev.naver.com/dbshield
▫ Domestic & Global standard symmetric key algorithm implementation
▫ Cryptographic hash algorithms “SHA2” implementation▫ Oracle & open source database Mysql's plug-in support
▫ JAVA/PHP API method support▫ DB Column-level encryption
▫ Interworked with log server & reporting connection-condition
Features
- SEED, AES encryption algorithm applied - cipher modes of operation support : ECB, CBC - Security reinforcement by Initial Vectors, Salt support
- Masking : Card number, banking account etc.
- High speed processing of encryption-decryption by memory loading
- Key zeroization, back-up, restoration
Web-based UI : Policy & key configuration
Session level DB access logging
Access Control
Funct ion
Policy-based control : Registered IP & DB User based access controlBehavior-based control : Threshold based access control
Exception of behavior-based control when security manager permitted
Log reporting
1. DB Security Software
Cryptographic algorithmCipher modes of operation
Initial vectorPartial encryption
Masking Management DB
p o l i c y s e r v e r
D B s e r v e r
Cryptographic APIKey, Policy Uploader
Web application JAVA,PHP
DB encryption Plug-inKey, Policy Uploader
Oracle Mysql
1. DB Security Software
DB secur i ty sof tware concept
Cryptographic policy management
Access control management
Policy based controlBehavior based control
k e y s e r v e r
key managementKey creation
Key distributionKey back-up
W e b s e r v e r
Upload key & policy to memory by requesting key to server & decryption
EncryptionDecryption
Access controlInspection logging
Upload key & policy to memory by requesting key
to server & decryption
EncryptionDecryption
Access controlInspection logging
Plain text
SELECT jumin FROM A;INSERT A;UPDATE FROM A;
SELECT Decrypt{jumin} FROM A;
Examples of Software composition
API method
DB Server
WEB Server
DBA(Console/Management Server etc.)
Web applicationJAVA,PHP
API(encryption/decryption)
Plug-in(encryption/decryption)
TABLE A
DB Plug-In method
DB Server
WEB Server
DBA(Console/Management Server etc.)
Plug-in(encryption/decryption)
A_CIPHERVIEW ATRIGGER
SELECT jumin FROM A; INSERT A; UPDATE FROM A;
1. DB Security Software
Web applicationJAVA,PHP
Coded text
p o l i c y k e y s e r v e r
[memory]
p o l i c y k e y s e r v e r
[memory]Cryptographic PolicyAccess control PolicyKeyWork control
API code addition to user program Changes of column size for table back-up & encryption
Batch encryptionRecommend of table rebuilding etc.
Cryptographic PolicyAccess control PolicyKeyWork control
No user program changesExisting table back-up & cipher table Creation
Drop or rename of existing table Creation view & trigger in DB
2. Fo4s Framework (Free software,Open source For Security)
Fo4s Framework Concept
APP DB Security API
Server Firewall
OS
Install
Operation Tools
Normal traffic
INTERNET
LocalDISK
Log Save
User Web
Server
Report
M a n a g e m e n t
S e r v i c e
S y s t e m
Vulnerability scan tool
Web Server
Vulnerability attack/Bad traffic
Web Firewall
Service,
Performance information
LogTransfer
Monitoring Server
LogServer
Cryptographic Plug-in
User DB Server
Install &Operation Guide S/W Upgrade Rule Config Detect &Analyze Inspection
ConsultingVulnerability scan ImplemetationSupport
SecurityOperation Support Accident analysis
Strong Po in t
2. Fo4s Framework (Free software,Open source For Security)
Total security solution for people & business
Highly developed open source technologies enable cost effectively
Using various open source for information security enables security threat detecting largelyContinual addition of function & selectional adaptation for user environment available
Qualified total framework by the world’s numerous user experience for company IT infra protection
response for information security threat
Easier in install & operation & lower in ripple effect than high price H/W type solutionEasy to config & upgrade by offering easy tools in case of no security specialist
Effective security operation available by technical service for vulnerability scan, consulting, training, construction & operation
2. Fo4s Framework (Free software,Open source For Security)
System Layer Management Layer Service Layer
* 3 layers enable addition & combination by user request
S t rong Po in t
Open solution for user request in web application vulnerability
scanner, web application firewall, DB encryption, access control,
server based firewall, log server, reporting, monitoring, certification
server, OS hardening etc.
Install & operation guide, technical document,
threat detection & analysis, inspection, technical Q&A
by community etc.
vulnerability scan, consulting,
education & training, implementation support, accident response etc.
* S/W type solution’s strong point than H/W type solution
Minimizing of down time in set-up : H/W type occur all connected IT system’s down time Narrow scope of disability Cost effective : Just upgrade charge, specially no charge in open source No network changes, no traffic effect
2. Fo4s Framework (Free software,Open source For Security)
* Strong point of open source
75%
99%
2010 2016
No supplier lock-in effect
Strong Po in t
Government encourages open source based highly effective technology and numerous company now introduce and apply
Up to 2016, 99% of IT company will use open source (Gartner, 2013)
Open source based technologies lead the IT industry in web, mobile, big data and cloud area
JIMANT TECHNOLOGY’S technical skills can overcome weakness of open source
2. Fo4s Framework (Free software,Open source For Security)
Individual User Model IDC Applied Model
Software Rule
Open source Respository Fo4s
Respository
User Server
INTERNET
Open source Respository
Fo4s Respository
IDC
INTERNET
Serv ice Concept
General security solution model for user server in all physical position & size
Applied in IDC model for client’s total care service (Direct & fast response to any problem in information security)
Install/Operation toolManual/GuideCommunity(Fo4s.com)
& Customized Service
Vulnerability ScanTraining
Technical support etc.User Server
In requesting hosting & co-location, Config by prior requesting Install/Operation tool
Manual/GuideCommunity(Fo4s.com)
& Customized Service
Vulnerability ScanConsulting
TrainingSecurity Control
Technical support etc.
IDC Technical support center