[Owasp-rochester-announce] (Reminder) May meeting tonight

Andrea Cogliati andreac at dollos.it
Mon May 19 11:33:45 EDT 2008

May meeting will be held tonight at 6pm at Bryant & Stratton College  
and will feature a presentation by our Chapter Leader, Ralf Durkee,  
on database encryption and key management. Insecure Cryptographic  
Storage is issue #8 in OWASP Top Ten 2007 and it's an integral part  
of conformance to various national and international data protection  
and privacy laws.

Presenter: Ralph Durkee
Topic: Protecting Information with Database Encryption

After briefly defining common cryptographic terms, we'll look at a  
variety of threat vectors that may expose our sensitive information.  
For each threat vector, we'll examine which database encryption and  
key management architectures are best suited to protect sensitive  
information processed in applications. We'll discuss the Payment Card  
Industry PCI-DSS standard and how to meet it's requirements for  
protecting card holder information. We'll discuss alternatives and  
best practice for when, and how to perform encryption with specific  
technologies provided by Oracle and MS SQL Server. We'll recommend  
encryption algorithms and specific programmer API's and techniques  
for best practice.

Attendance to the meeting is free and open to anyone.

Take care,


The third Rochester Security Summit will be held on October 29-30.  
Keep an eye on http://rochestersecurity.org/ web site for an exciting  

More information about the Owasp-rochester-announce mailing list