Column level encryption

Column level encryption is a form of database encryption method. To understand why column level encryption is different from other encryption methods like file level encryption, disk encryption, and database encryption, a basic understanding of encryption is required.

Basically, when data are being collected and stored as records, those records will appear in a tabular format in rows in the database with each rows having specific data or information inputted. Some data are deemed more sensitive than the others , like data of birth, social security number, address, work place, etc. To ensure that these set of private information is transferred securely, data goes through encryption, which is encoding plaintext to cuphertext to be illegible to the common readers or receivers, but can only be decoded by person who holds the decryption key.

Because not all data are sensitive and important, column level encryption allows users to flexibly choose what data should or should not be encrypted in the columns. This is to insure that minimum disruption while maintaining performance when data is being retrieved from the database.

The technology has been adoted by many encryption software companies around the world, including IBM, MyDiamo (Penta Security), Oracle and more. Column level encryption does not store the same encryption key like table encryption does but rather separate keys for each column. This method ensures that unauthorized access would be more difficult too.

• Flexibility in data to encrypt. The application can be written to control when, where, by whom, and how data is viewed
• Transparent encryption is possible
• More secure as each column can have its own unique encryption key within the database
• Encryption is possible when data is active and not just “at rest”
• Retrieval speed is maintained because there’s less encrypted data

Aside from column level encryption, there are

References