현재페이지
The D’Amo Console provides column encryption, access control, services for establishing and implementing auditing policy, and review and query features for auditing logs. The Console also enables the following:
- PKI based authentication for the Security Administrator
- Easy one-click encryption and removal
- Specific access control according to access routes
- Logging and auditing capabilities for policy changes and data access
- Encrypted column access management
- Powerful database user login access management capabilities
- Security policy with automatic backup and recovery functions
- Automatic backup of login records
The Security Agent executes the security policy within the database as specified by the security administrator, and performs the following functions:
- Batch encryption of data saved within the database
- Real time encryption and decryption of data being entered/accessed from the designated encrypted column
- Control of each user’s encrypted column access
- Archiving of audit logs for encrypted/non-encrypted columns
- Creating safety mechanisms for encrypted columns
D’Amo is composed of a Security Agent installed within the Oracle DB for access control and encryption, a Secure DB for storing policy information, and a Console for establishing and implementing the security administrator’s security policy.
Several DB domains can be registered and administered within one D’Amo service. Their configuration and features are as follows:
Selective Encryption
- Critical data within an enterprise database is selectively encrypted in column units
- Secure Encryption ensures security and optimizes performance by selectively encrypting only the essential data needed (for example, encryption of a Social ID Number column within the customer information table)
Column Security Policy
- Establish column unit security policy (encryption algorithm, operation mode, presence or absence of IV, etc.)
- Several columns can be selected for batch encryption
Access Control Method
- Multi-tiered access control using login time and column encryption to provide complete protection against intrusion
- Login Access Control: checks authorization of DB login times (Tier 1 Access Control)
- Column Access Control: checks authorization for encrypted column access (Tier 2 Access Control)
Login Access Control
Authorizes login user access based on DB account, IP address, MAC, service name, and time of login.
Example: DB user ID “SCOTT”
1st Access Control: Only allow access from IP address 192.168.100.32
2nd Access Control: Authorized DB access time between 9:00 – 18:00
3rd Access Control: Access allowed only using the TOAD application
Auditing Method
- Log all policy changes and events related to encrypted columns (Policy log, Events log, etc.)
- Log and store 100% of SQL activity that queries or edits any encrypted column
- Audit Only function for non-encrypted columns
Log Scheduling
- Periodic backup of audit logs
- Flexibility to select custom backup times and log periods
Diverse Reporting
- Diverse statistical reports and graphic charts feature
- Ability to save reports in HTML or BMP
- National Intelligence Service certification for Security Application
- Ministry of Government Administration and Home Affairs certification for Administrative Information Security Product
- GS certification from the Korean Telecommunications Technology Association (TTA)
- Patent for “Index Column Encryption Method”
D’Amo for Oracle
| O.S | Solaris, AIX, HP-UX, Linux, Windows |
|---|---|
| Database | Oracle 8i(8.1.7.1 and higher) 9i, 10g |
| RAM | Over 512MB |
| HDD | Over 100MB of extra space |
| Required Program | Oracle Client 8i and higher |
D’Amo Console
| O.S | Microsoft Windows NT 4.0 / 2000 / XP / 2003 (x86) |
|---|---|
| RAM | Over 256 MB |
| HDD | Over 250 MB of extra space |
| Required Program | Oracle 8i Client and higher |
D’Amo for SQL Server
| O.S | Solaris, AIX, HP-UX, Linux, Windows |
|---|---|
| Database |
|
| RAM | Over 256MB |
| HDD | Over 200MB of extra space |
