Monday, March 17, 2008

Next Big Thing in Database techology

This is my perosnal opinion of what might be the next big thing in database technology.

When you insert your datan into the database files, the data files of the database are plain and clear...simply, clear text. It's notprotected by anything.

How do you secure your database files then ? Simple... just encrypt it. What happen if you need to do a JDBC or ODBC call to your database and the data flowing through the channel(s) are sensitive? You could encrypt the data . One of the encryption technology you can use to encrypt your JDBC or ODBC is SSL.

In simple terms, the next big thing in database technology is higher security and protection to your database and JDBC / ODBC connections. I think the reason why such a growth in encryption channels is because of the inseurity of the netowkr and the Web. We are constantly under survillence not just by government agenices, but also by hackers and malicious users. These entities would be more than happy to gain quick access into your database and look at your things, and for hackers... they would make a bad mess or harvest the data in your database.

I am a member of a couple of forums and two out of the few forums I am a member, have been hacked. One of the forum had the database data being harvested. Personal information could be leaked.. like private email addresses and passwords. We could change the forum membership passwords when the forum is restored. Most of us use a small amount or even just one password for emails, forum access ...etc. The hackers may have guessed it and use the forum membership password to hack into and try to access your emails and other accounts related to you.

You could spend your time coding the codes to tunnel JDBC / ODBC connection through SSL or you could have your work done by the database (which means the creators of the database have already done that for you). You may want to encrypt every byte before loading them into the database or you could have the database engine do that for you.

H2 database system does just that. H2 JDBC connector allows users to tunnel JDBC through SSL by specifying it in the JDBC connection and it's just that simple. You do not need to code the tunneling yourself. H2 database system also allow an option for the user to select whether to encrypt their database or not to. H2 supports AES encryption and XTEA encyption algorithm for the database file level encryption. Like the JDBC/ODBC SSL, all you need is to specify it in the JDBC connection and leave the database to do the rest for you.

H2 database system:

The future of database systems could be more about the emphasis of security and privacy.

No comments: