Fast, highly effective database security using searchable encryption (without the yak shave)
Is it possible to protect data directly and not just the systems in which it is stored?
See this talk and many more by getting your ticket to PyCon AU now!
As a security-conscious Pythonista, you know to use parameterised database queries, validate user input, use HTTPS, turn on logging, firewalls, sprinkle some static analysis on the build pipeline, and do periodic penetration testing.
But beyond that, there’s not much else you can do, right? Could there even be a better way to secure sensitive data without all the pain?
Encryption-as-access-control offers a compelling alternative approach to data security that is not only more effective but also easier to implement reliably than traditional controls. Most application security programs are built on the assumption that we can’t protect the data directly, but we can build layers of defences around it to slow adversaries down.
Searchable encryption-in-use, on the other hand, protects data directly while retaining virtually all query functionality. Recent advancements finally make it fast and flexible enough for use in everyday systems, sans yak shaving.
In this talk, attendees will learn:
- Why many of the traditional approaches to encryption no longer make sense in 2024
- What modern encryption techniques exist for protecting data in your Python applications while keeping it searchable
- What tools you can use today in Python to apply these techniques
- What the performance, security, and usability tradeoffs are for these approaches
- How (not) to shave a yak
Dan is the CEO and founder of CipherStash, which provides a highly secure, frictionless data protection platform that works everywhere sensitive data is stored. Dan is a life-long techie and nerd, and is proudly neuro-spicy, having been diagnosed with ADHD at the age of 40. Dan’s obsession for the past 8 years has been cryptography and the powerful ways it can be used for data protection and privacy.