1. Field of the Invention
The present invention relates to databases. More specifically, the present invention relates to a method and an apparatus for using an external security device to secure data in a database without having to modify database applications.
2. Related Art
Banks, government agencies, and other security-conscious Relational Database Management System (RDBMS) users are often required to protect sensitive information. To this end, many of these organizations are starting to use certified, tamper-resistant external security modules (ESMs) to protect their data.
However, due to the large amount of data that needs to be stored and processed in today's information systems, it is desirable for this level of security to be made available through the RDBMS without compromising the full performance and scalability capabilities of the RDBMS. Furthermore, using an ESM to protect data in an RDBMS should ideally not require changes to existing applications, even if an application accesses data protected by the ESM.
External Security Modules are physical or logical devices designed to be highly resistant to unauthorized access when used properly. A physical ESM is referred to as a Hardware Security Module or HSM. In an HSM, all sensitive data is stored in a separate physical storage device with its own access control policies. The physical storage device, along with its software interfaces, is usually certified or tested against both physical and software-based intrusion attempts.
A logical ESM is referred to as a Software Security Module or SSM. Sensitive data is usually encrypted in an SSM, and all cryptographic processing is typically done in a protected memory space on the machine that hosts the SSM.
While existing systems that use ESMs provide an unparalleled level of security for RDBMS users, they require developers of applications using the RDBMS to be aware of the type of ESM being used. Furthermore, these developers must write code within the applications to properly use the features of the ESM. Different types of ESMs can therefore require different programming methods, and the extra customized programming overhead required before an ESM can be used can be costly.
Hence, what is needed is a method and an apparatus for utilizing the security features of external security modules with relational database management systems without the problems discussed above.