How do you protect sensitive data in a database?

I've written a simple email backup service, in which I can easily forward my mail to my server and it'll store it in a database. Currently, I'm just base64 encoding the data and then storing it. I've been told by many people that they trust GPG the most, but that looks like it'd be difficult to implement on a per-user basis. Is there any way to protect user's sensitive data in such a way that technically only that single person is capable of viewing the contents?
Answer:

Assuming that you are talking about relational databases, there are privileges that can be applied to tables that can allow or restrict reading, writing, updating and deleting data. The ability to allow or restrict access at different levels of granularity varies by the relational database management system being used. Every RDBMS that I am aware of allows a database administrator to GRANT or REVOKE the basic 4 privileges ( SELECT, INSERT, UPDATE and DELETE) at the table level. Some databases will allow you to also apply those 4 basic privileges with a finer degree of granularity. For example, you can prevent individual columns of data in a table from being accessed/manipulated based on grants, and you can prevent individual rows of data from being accessed/manipulated based on grants. Beyond basic mechanisms to allow or restrict access within a database, other common access control mechanisms include encryption and PKI Certificates. Also, another thing worth looking at is Oracle's Data Vault technology - it can actually prevent privileged users (i.e. DBAs) from gaining access to confidential data. If you aren't talking about relational databases, then use are pretty much left with normal POSIX security at the file level.

Steve Larrison at Quora Visit the source

Was this solution helpful to you?

Other answers

The answer: DATABASE ENCRYPTION: Steve has provided a good answer though to elaborate (weâ€™re assuming Relational) since most mainstream, legacy databases for simple storage/backup are relational databases. Some come with built-in encryption functionality (like Microsoft and Oracle) that allows the user to specify which data elements are encrypted. This method encrypts the data before it is written to the database tables; access to decrypt the data can be tightly restricted so that any person or application without rights will only see garbled text.

Sherri Douville

Related Q & A:

How to add bulk virtual data in database?Best solution by msdn.microsoft.com
How can I insert posted data into the database?Best solution by Stack Overflow
How to display Android database data in a ListView?Best solution by Stack Overflow
How can we protect a domain name and trademark internationally?Best solution by Quora
How much is 1MB of data on a cell phone?Best solution by Yahoo! Answers

Just Added Q & A:

How many active mobile subscribers are there in China?Best solution by Quora
How to find the right vacation?Best solution by bookit.com
How To Make Your Own Primer?Best solution by thekrazycouponlady.com
How do you get the domain & range?Best solution by ChaCha
How do you open pop up blockers?Best solution by Yahoo! Answers

For every problem there is a solution! Proved by Solucija.

Got an issue and looking for advice?
Ask Solucija to search every corner of the Web for help.
Get workable solutions and helpful tips in a moment.

Just ask Solucija about an issue you face and immediately get a list of ready solutions, answers and tips from other Internet users. We always provide the most suitable and complete answer to your question at the top, along with a few good alternatives below.