PRWeb The Leader Press Release Distribution
See How PRWeb Works

We're here to help 1-866-640-6397

Login Create Free Account

Why PRWeb Customer Examples Pricing Tools & Tips

All Press Releases for September 20, 2007 Subscribe to this News Feed    
 

ERUCES Encryption Security Software Thwarts Black Hat Database Attack

ERUCES engineers confirmed recently that the company's Tricryption encryption software protects databases against an exploit unveiled at the 2007 Black Hat Security Conference.

Lenexa, KS (PRWEB) September 20, 2007 -- ERUCES engineers confirmed recently that the company's Tricryption software, and more specifically the Application Server Agent and the Tricryption Cryptographic Key Server, protects against the database exploit presented by researchers last month at the 2007 Black Hat Security Conference.

ERUCES LOGO PNG
ERUCES LOGO PNG

The database exploit discovered by Core Security Technologies may be used by attackers to determine arbitrary values within a database through a process called a timing side-channel attack. This type of attack measures the amount of time between database writes to determine values within the database. The discovery used mySQL, a very popular open source database, but the Argentinean researchers suggested this same attack should work on Microsoft and Oracle databases because of their use of a data storage mechanism called B+ trees. They insist more research on additional databases is necessary, and will be forthcoming.

If hackers were to use this vulnerability, it would be most successful on locations with unsecured data storage, where credit card information or passwords are recorded without security protection. ERUCES' Application Server Agent (ASA) secures entries stored within a database, providing protection down to the individual element level, locking personally identifiable information, passwords or other desirable information through high security encryption. ERUCES' ASA communicates with the encryption key servers for authentication and authorization of element access, insuring there will be no disclosure through the Black Hat vulnerability.

About ERUCES:
ERUCES is redefining cryptographic security, providing encryption, key management and key distribution products that protect Databases, Workstations, Servers, Web Services/Application Servers and third-party applications. ERUCES Tricryption software utilizes standard encryption algorithms implemented in validated cryptographic modules. ERUCES is a privately held software company headquartered in Kansas City with offices in Tampa, Orlando, and Columbia, MD. For further information on ERUCES, visit www.eruces.com.

# # #

Post Comment:
Trackback URL: http://www.prweb.com/pingpr.php/Q3Jhcy1FbXB0LVRoaXItTWFnbi1UaGlyLVplcm8=

Technorati Tags

Bookmark -  Del.icio.us | Furl It | Technorati | Ask | MyWeb | Propeller | Live Bookmarks | Newsvine | TailRank | Reddit | Slashdot | Digg | Stumbleupon | Google Bookmarks | Sphere | Blink It | Spurl

OPTIONS
Printer Friendly Version
Download PDF Version
Download Reader Version
BlogThis
ShareThis
CONTACT INFORMATION
Jon-Michael Brook
ERUCES, Inc.
9133100888
Email us Here
ATTACHED FILES

There are no multimedia files attached to this release. If this is your release, you may add images or other multimedia files through your PRWeb News Management Console.
ABOUT PRESS RELEASES
If you have any questions regarding information in these press releases please contact the company listed in the press release. Please do not contact PRWeb. We will be unable to assist you with your inquiry. PRWeb disclaims any content contained in these release. Our complete disclaimer appears here.
 
Close Move

© Copyright 1997-2009, Vocus PRW Holdings, LLC.
Vocus, PRWeb and Publicity Wire are trademarks or registered trademarks of Vocus, Inc. or Vocus PRW Holdings, LLC.

About PRWeb | News about PRWeb | Contact Us | Terms of Service | Privacy Policy | Copyright