Demo Series: Protect Database From Exposing Data in Temporary Files

Published on Oct 25, 2023
Learn how the Anjuna Confidential Computing Platform can help safeguard your database from unintentionally exposing data stored in temporary files.
https://www.anjuna.io/blog/demo-series-protect-database-from-exposing-data-in-temporary-files

Welcome to our demo video, showcasing how the Anjuna Confidential Computing Platform can help safeguard your database from unintentionally exposing data stored in temporary files.

Today, we'll focus on the database in a typical multi-tier app architecture. As we know, databases often cache data in temporary files that are saved to the file system, which can create vulnerabilities if attackers compromise the compute layer.

Database Vulnerability Scenario

Let's start by simulating an end-user registration process that collects sensitive data and stores it in a database. As a user, we submit our data and believe it's safe. But what happens if the database is breached?

We will play the role of an attacker who has gained root access to the database. As the attacker, we know it's easy to locate the database's temporary files stored on disk, and just like that, here's the PII data in clear text.

Seamless Database Protection

But with Anjuna, we can protect the database from exposing temporary data to attackers. As an administrator, I invoke the Anjuna Confidential Runtime, which utilizes new hardware capabilities in the cloud to protect data in use. Anjuna creates a secure enclave for the database to operate within. As you can see in the terminal, securing your database with Anjuna is as easy as running one simple command. And the best part is you don't have to re-engineer your database to get this protection.

Enhanced Data Encryption Capabilities

In addition to safeguarding data in use, Anjuna can also be configured to encrypt data, such as temporary files, when it leaves the secure enclave to be stored on disk. The encryption keys are stored in the Anjuna Policy Manager or an equivalent secret store. The Anjuna Policy Manager securely distributes the key only to a trusted database running in the secure enclave, and the key is never exposed to the host or any potential attackers.

Anjuna’s Protection in Action 

Now, let's test the protection provided by Anjuna. Once again, we'll play the role of an attacker and attempt to view the database's temporary files.

However, this time, the content is encrypted and cannot be accessed, thanks to Anjuna. Anjuna provides unparalleled protection against cyber threats by safeguarding your database from inadvertently exposing data through its temporary files.

Secure Your Sensitive Data With Anjuna

Try it out today and experience the peace of mind that comes from knowing your sensitive data is secured.

Learn more about the capabilities of the Anjuna Confidential Computing Platform by scheduling your own live demo.
