Now, I have to know about what is PCI DSS and example of PCI DSS requirements related to database encryption because our company's business model project.
Additionally, How can I deal with these database encryption system economically in MySQL DB? and what is best solution?
Please give me some useful encryption solution about this area.
The continuation of massive credit card data breaches at many high profile organizations, prompted the development of the Payment Card Industry Data Security Standard (PCI DSS), which standardizes how credit card data should be protected. Under the PCI DSS, a business or organization should be able to assure their customers that its credit card data/account information and transaction information is safe from hackers or any malicious system intrusion, whether from those outside the organization or from within:
l 24.8 percent of financial services institutions worldwide experienced external breaches within the past 12 months [1]
l 31.3 percent of these global institutions suffered internal breaches during the same timeframe [1]
To achieve compliance with the PCI Security Standard, vendors and service providers must adhere to six major categories of requirements, with a total of twelve PCI-required controls, covering access management, network security, incident response, network monitoring and testing and information security policies.
And PCI DSS Requirements Related to Database Encryption Example.
Requirement 3: Protect stored data
3.3 Mask PAN when displayed (the first six and last four digits are the maximum number of digits to be displayed).
3.4 Render PAN unreadable anywhere it is stored (including on portable digital media, backup media, and in logs) by using any of the following approaches:
One-way hashes based on strong cryptography (hash must be of the entire PAN)
Truncation (hashing cannot be used to replace the truncated segment of PAN)
Index tokens and pads (pads must be securely stored)
Strong cryptography with associated key-management processes and procedures
Requirement 8: Assign a unique ID to each person with computer access.
Requirement 10: Track and monitor all access to network resources and cardholder data.
If you want to encrypt almost every databases or columns, there are no difference between file-level encryption and another type encryption tools. In that case, you can find many file-level encryption tools like Gazzang's nZcrypt. http://www.gazzang.com/products/zncrypt
However, if you want to encrypt only few columns, I would like you to find Cell-level encryption or Column-level encryption tools. As I know in SQL Server, its' own encryption function supports Cell-level encryption, but I am not sure whether Cell-level encryption tools exists in MariaDB.
Recently, I have found Column-Level encryption software, MyDiamo.
