D’Amo is a data security and access control solution that encrypts important information saved in a database, and controls the access to this information. D’Amo protects sensitive data by refining authorized user criterion, and has the advantage of being able to encrypt without any alteration to the legacy application program that is in use.

In the first tier, D’Amo can provide database access control by authorizing logins based on client IP addresses, authorized time for access, and the application program being used. In the second tier it can safely protect the data by granting encryption and decryption capability to encrypted columns based on the database user, client IP address, and application program used.
Important columns have auditing features that provide monitoring capabilities to see which user used which computer to perform which specific actions, and based on this information it can implement a new policy to block any suspicious actions. Additionally, only essential critical information is encrypted, thereby minimizing the burden on system performance.
D’Amo enhances security even further by not allowing the system administrator or user with general DBA authorization to view encrypted data. As such, D’Amo is the professional management tool of choice for database security.

Using D’Amo allows for the safeguarding of sensitive information in the customer database, while simultaneously improving the reliability of the data and fulfilling personal information protection requirements. This in turn builds the foundation for securing sensitive enterprise information, improves the brand image, and increases profits.

• Encrypt and manage crucial data in the database
• Allow database access to approved users by establishing login authorization
• Ability to archive and query important data access logs
• Report feature for auditing (graphic charts and report formats)

D’Amo uses not only encryption but access control, auditing, and reporting to provide a comprehensive database security solution. Initially, it protects data by encrypting it. Then it strengthens this protection by controlling the access. Access control is securely done in two tiers; in the first tier, unnecessary access is blocked using a login access control policy (IP address, service name, time of access). In the second tier, access to encrypted columns is authorized only as needed, and follows a security policy (IP address, service name) as well.

The auditing function maintains a policy log that records all policies established, changed, and deleted, additionally, a detailed record is kept of all access to encrypted and audited columns. Based on this record, sessions can be blocked using access control in cases of multiple unauthorized attempts.

• Encrypting the data in a database involves more than just simply encrypting specific data. When encrypting data, important information must be arranged so that it can be managed securely. Furthermore, numerous functions need to be executed in order to make sure pre-existing applications that reference the encrypted data can continue their normal functions. Such a solution goes beyond simply using an encryption toolkit, and requires the ability to solve a wide range of technical problems.
• D’Amo is the quickest and the most effective solution for organizations that require data encryption but that are struggling with constraints such as the lack of manpower, professional knowledge, and time. D’Amo improves Oracle security through its easy-to-use yet powerful and effective encryption.
• D’Amo provides a user-friendly GUI environment to facilitate data encryption.
• Compared to D’Amo, which provides encryption support for a wide variety of data (characters, dates, numbers), Oracle’s Toolkit only encrypts raw, string, or lob data.
• Oracle’s Toolkit only uses DES56bit and 3DES whereas D’Amo supports various domestic and international encryption algorithm standards such as SEED, AES, DES, 3DES, etc.

It is true that Oracle’s 10g supports Transparent Data Encryption (TDE). With the TDE feature it is possible to work with the encrypted data using the export/import function which supports data encryption. However, if you have the authority to use the appropriate SELECT operation, you can automatically decrypt data without a separate authorization for decrypting encrypted tables. In other words, a 10g database administrator can easily decrypt any encrypted data at will using the SELECT operation.

As such, if the DBA account and password are exposed (due to hacking, etc.) important information can be compromised. Also, 10g cannot support SEED, a domestic algorithm widely used by the public and financial sectors. On top of buying the Oracle software, an extra expense of $20,000 per CPU is required.

With D’Amo, in order to access encrypted data the user must have the authority to SELECT the corresponding table and then, depending on the account, can also be granted a separate authorization for decryption. D’Amo also carries out detailed internal access control allowing authorization only from specific IP addresses.

With D’Amo, even users with DBA authority must be granted a separate authority by the security administrator to be able to query encrypted data. Moreover, D’Amo provides a user friendly GUI to centrally administer and manage several databases while providing effective database management by fundamentally separating the database management from security management.

There is no need for any kind of modification when installing and encrypting important data using D’Amo, since the same table name and column name can be used to access the database using the pre-existing programs.

Think of D’Amo as your last line of defense for your company’s most valuable data.
You must have a clear plan as to which data needs to be encrypted, and it is also helpful to determine which algorithm you want to use.

It is not always imperative that you have encryption. Controlling the login access can sometimes be enough. Specifying the access programs, times of access, and IP addresses can safeguard your data. However, the simultaneous use of data encryption and access control can afford a more powerful data security.

It can be authorized according to the database user, access program, and IP address for each encrypted column. It is possible to securely store your data by limiting access to authorized users, programs, and IP addresses.

The D’Amo administrator has the ability to use various methods to show the results to non-authorized users utilizing the D’Amo console. When it returns a DBMS error or a specific character error (example: ######),
it is possible to have it return the encrypted value itself.

Yes, it is possible. Database security administrators can encrypt data using D’Amo’s index support feature.
It is possible to encrypt trigger, PK/FK, Materialized View, and Default columns as well.

If all the data within the database is encrypted there will be a serious problem with performance.
Since encrypting the entire database is ineffective and lowers performance, we recommend encrypting only the sensitive and critical data.

No, there are no problems. You can back up all the objects that include the encrypted data, and then recover them at any terminal that has D’Amo installed. When using a separate script to backup each table, the modified name of the table must be used to recover the backup data.

Enormous damage can occur when a database supervisory administrator’s password is stolen by an unlawful attack from a third party. This can compromise all the enterprise’s critical data. However, D’Amo can minimize the damage during such a massive leakage by blocking any access, even if it is by a database administrator, by only granting access to the specifically authorized encrypted columns.

As a provision for situations where the encryption key used for data encryption is lost, the security policy (encryption key, encryption mode, etc.) stored within the database is automatically backed up to the D’Amo Console at the time of setup. 
As such, this minimizes risks due to data loss in the event that the sole encryption key is lost.