ARTIBIS provides four layers of encryption for database driven applications. The first level of encryption is for the connections to the system itself. All connections that need to be secure are secured with SSL connections. Data that needs maximum security is then encrypted inside the application. Next, the data is automatically encrypted again inside the database.
The fourth layer of encryption is access and visibility encryption. Each row in the database can have a security access level set. Only authenticated and authorized users can see data through the application and those users will only be able to see data they are authorized to see based on their user security level.
Should the system be attacked by an external user or breached by an internal employee, the employee or hacker would not be able to decrypt the data even if he or she could capture it directly from the database using a super user account or database administrator account. Additionally, because of the SSL connections, the data cannot be captured by a network intruder who simply
breaches the network and monitors all text based traffic that flows across the network. In the case where the highest level user decides to attack the system using legitimate access and authorization, the system also provides advanced auditing that shows what all users do. The system also sends reports and alerts for suspicious activity. Additionally, some types of data can be set to
application automation only level access.
For example, a stored credit card number is only visible to an automated application that bills credit cards. No actual human user would be able to select all credit card numbers from the database even with the highest levels of access. Since the data is encrypted both by the application and the database, only the application can fully decrypt the data
by first requesting a decrypt of the data inside the database using a secret decryption key, then further decrypting the data using its own internal secret decryption key and method.
