AWS Database Encryption SDK for Amazon DynamoDB In Preview
Written by Nikos Vaggalis   
Monday, 24 July 2023

AWS Database Encryption SDK is an upgrade to the existing Amazon DynamoDB Encryption Client, that enables attribute level encryption of DynamoDB workloads client-side.

DynamoDB has always had server-side encryption to ensure your data was encrypted at rest. This new SDK enables client- side encryption too, allowing you to protect the data in transit before it even leaves its origin. Previously, if you wanted client-side encryption you had to provision your own solution in your applications. With the SDK that's a thing of the past.

As far as Attribute-level encryption goes, this refers to the process of encrypting individual attributes or fields within a larger data structure or object. It allows for more granular control over the encryption of sensitive data, as different attributes can have different encryption keys and access policies. For example, in Amazon FinSpace, attribute sets are used to describe datasets, and attributes within these sets help capture additional business context for each dataset. This allows for better search results and metadata quality. Similarly, in Amazon GameLift's FlexMatch, player attributes can be declared within a rule set, which can then be used to pass information to the game session.

That aside, it also lets you easily search on encrypted attributes without decrypting the entire database beforehand. This lets you find the right information quickly while your data remains securely encrypted within the database.

Moreover,it has also been designed with multi-tenancy in mind, meaning that you can have multiple Key Management Service providers encrypting different parts of the same table as well as using KMS key policies to enforce clear separation between the authorized users who can access specific encrypted attributes and those who cannot.

The SDK is available for Java, and in order to use it, you must have:

  • A Java 8 or newer development environment.
  • Declare a Dependency on the DB-ESDK for DynamoDB in Java and it's dependencies, via Gradle or Maven.
  • the DynamoDB client from the AWS SDK for Java V2 and the AwsCryptographicMaterialProviders library.
  • An Amazon Web Services (AWS) account to use the DB-ESDK for DynamoDB as it's specifically designed to work with Amazon DynamoDB.

Optionally, you can use AWS Key Management Service (AWS KMS) as your main keyring provider.

 newawslogo

More Information

AWS Database Encryption SDK for DynamoDB in Java
Announcing preview of the AWS Database Encryption SDK for Amazon DynamoDB

Related Articles 

AWS Lambda Adopts Python 3.10

AWS Lambda Adopts Java 17

 

To be informed about new articles on I Programmer, sign up for our weekly newsletter, subscribe to the RSS feed and follow us on Twitter, Facebook or Linkedin.

Banner

Microsoft Cybersecurity Analyst Professional Certificate
21/07/2023

New on the Coursera platform this program doesn't require previous experience or education and it takes just six months for beginner-level learners to get hands-on practice in Microsoft Azure, ne [ ... ]


+ Full Story
DataStax Adds Vector Search To Astra DB And DataStax Enterprise
10/08/2023

DataStax has announced support for vector search on Astra DB and DataStax Enterprise, opening the option for storing data as vector embeddings to support uses including genera [ ... ]


+ Full Story
More News

Summer SALE Kindle 9.99 Paperback $10 off!!

esp32book

 

 

Comments




or email your comment to: [email protected]