Do you have personal information in your database?
Do you keep files on your customers, your employees, or anyone else?
Do you need to worry about European laws restricting the information you keep?
Do you keep copies of credit card numbers, social security numbers, or other information that might be useful to identity thieves or insurance fraudsters?
Do you deal with medical records or personal secrets?
Most database administrators have some of these worries. Some have all of them. That's why database security is so important.
This new book, Translucent Databases, describes a different attitude toward protecting the information. Most databases provide elaborate control mechanisms for letting the right people in to see the right records. These tools are well-designed and thoroughly tested, but they can only provide so much support. If someone breaks into the operating system itself, all of the data on the hard disk is unveiled. If a clerk, a supervisor, or a system administrator decides to turn traitor, there's nothing anyone can do.
Translucent databases provide better, deeper protection by scrambling the data with encryption algorithms. The solutions use the minimal amount of encryption to ensure that the database is still functional. In the best applications, the personal and sensitive information is protected but the database still delivers the information.
There's now a second edition of the best selling book about building computer systems that do useful work without holding any useful information. It comes with four new chapters and hundreds of revisions.