Solution Security

Solution Security Compliance Requirements

Encryption Applicability

Item Security Requirements Functional Requirements Description
Encryption Support Use of validated cryptographic modules and algorithms for security. -ARIA 128/192/256, SEED
-SHA 256 higher, HAS-160
Cryptographic Module Verification Requirement
Encryption Key Management Ensuring the stability of cryptographic key generation, access, renewal, and disposal - Key derivation from validated international standard algorithms
- The cryptographic keys loaded into shared memory are not in plaintext
Security Requirements for DB Encryption Products
DB Data Encryption and Decryption Ensuring the stability of critical data, encrypted data, ciphertext, and index - Encryption and decryption through a secure cryptographic module
- The original data is deleted after encryption
Certified Encryption Module
Access Control Preventing unauthorized access to cryptographic keys, ciphertext - Limitations based on conditions such as DB accounts, IP addresses, applications, and access periods Security Requirements for DB Encryption Products
Secure Communication Maintaining confidentiality and integrity of transmitted data - Secure transmission between product components.
Identification and Authentication Verifying the identity of authentication product users - Reset after consecutive user authentication failures
- Prevention of authentication data reuse attacks
Security Auditing Recording important events related to the product - Audit data is accessible only to authenticated users
- Review based on DB table names, DB column names, and query types
Security Management Efficiently managing security policies and audit logs - Review based on DB table names, DB column names, and query types

Please check out the free trial

Sales team inquiry