17.07.2015 Views

Download eBook (PDF) - Red Gate Software


5 – Cell-Level Encryption

• Identification_Type_ID: This integer value identifies the type of identification that is stored in the Identification_Value column. Through this foreign key to the Identification_Type table the verbose reference of the identification type, such as "Social Security Number", can be obtained. Sensitivity class: medium, due to our defined default class.

• Identification_Value: This variable character value contains the plain text representation of the actual identification value. For example, if the identification type was a Social Security Number the value contained in this column would be something like "555-55-5555". Sensitivity class: high.

Through the grouping of logically similar columns, the use of a unique row identifier, the absence of repeating columns, the use of foreign keys and the fact that the columns contained within this table are dependent only upon the primary key, we can see that this table has achieved third normal form.

This level of normalization has provided a separation of this sensitive data from data that is classified with a lesser level of sensitivity. It also confers the benefits of our first requirement:

Requirement 1: Permission to Modify Sensitive Data

The only individuals that will update or insert data into tables containing high sensitivity columns will be members of the Sensitive_high database role.

The normalization that has been achieved for the Borrower_Identification table is representative of the other tables that have been created throughout the HomeLending database.

Database Object Access Control

Direct access to all tables within the HomeLending database has been denied to the members of the Sensitive_high, Sensitive_medium and Sensitive_low database roles. An example of the script that was used on the Borrower_Identification table is shown in Listing 5-1:
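Listing 5-1 is not included in this excerpt. The T-SQL below is an added example, not the book's listing: it shows one way to deny direct access to the Borrower_Identification table for the three roles and then audit the catalog to confirm the denial is in place. The dbo schema and the choice of SELECT, INSERT, UPDATE and DELETE as the denied permissions are assumptions.

```sql
-- Added example, not Listing 5-1 from the book.
-- Assumptions: the table is in the dbo schema, and "direct access"
-- means the SELECT, INSERT, UPDATE and DELETE permissions.
USE HomeLending;
GO

-- Deny direct table access to all three sensitivity roles.
DENY SELECT, INSERT, UPDATE, DELETE
    ON OBJECT::dbo.Borrower_Identification
    TO Sensitive_high, Sensitive_medium, Sensitive_low;
GO

-- Audit: one row per role/permission pair showing the table-level state
-- recorded in the catalog. Anything other than DENY is flagged for review,
-- including a role that does not exist or a permission that was never set.
-- Column-level entries (minor_id > 0) are not covered by this check.
SELECT r.role_name,
       p.permission_name,
       ISNULL(dp.state_desc, 'NOT SET') AS table_level_state,
       CASE WHEN dp.state_desc = 'DENY' THEN 'ok' ELSE 'REVIEW' END AS result
FROM (VALUES (N'Sensitive_high'),
             (N'Sensitive_medium'),
             (N'Sensitive_low')) AS r(role_name)
CROSS JOIN (VALUES (N'SELECT'), (N'INSERT'),
                   (N'UPDATE'), (N'DELETE')) AS p(permission_name)
LEFT JOIN sys.database_principals AS pr
       ON pr.name = r.role_name
      AND pr.type = 'R'                      -- database roles only
LEFT JOIN sys.database_permissions AS dp
       ON dp.grantee_principal_id = pr.principal_id
      AND dp.class = 1                       -- object or column permissions
      AND dp.major_id = OBJECT_ID(N'dbo.Borrower_Identification')
      AND dp.minor_id = 0                    -- whole table, not one column
      AND dp.permission_name COLLATE DATABASE_DEFAULT = p.permission_name
ORDER BY r.role_name, p.permission_name;
```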
