Latest revision as of 23:47, 27 December 2014

Main

OWASP VaultDB Project

VaultDB is an encrypted persistent key-value store with a multi-recipient cryptosystem for LAMP (Linux, Apache, MySQL, PHP) based web applications.

Introduction

This framework provide everything you need for storing encrypted key-value documents inside a custom MySQL database. VaultDB also comes with a secure user login and authentication mechanism designed to avoid common security and cryptographic pitfalls.

Description

VaultDB adds automatic transparent encryption to your application's data at the table/document level. Instead of using it's own internal storage engine, VaultDB stores the encrypted data inside a custom MySQL database for storage.

It's design is made to provide developers with a solid method for integrating strong cryptography inside web applications and secure data using NoSQL-like transactions.

Licensing

OWASP VaultDB is free to use. It is licensed under the BSD license, so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same license to this one.

What is VaultDB?

OWASP VaultDB can protect your application from 4 out of 10 critical security risks in the OWASP Top Ten Most Critical Web Application Security Risks from OWASP_Top_Ten_Project.

A1 Injection
A2 Broken Authentication and Session Management (was formerly A3)
A5 Security Misconfiguration (was formerly A6)
A6 Sensitive Data Exposure (merged from former A7 Insecure Cryptographic Storage and former A9 Insufficient Transport Layer Protection)

Project Leader

Project leader's is Maxime Labelle ([email protected])

Related Projects

OWASP_CISO_Survey

Quick Download

News and Events

[30 Jan 2014] New release out

Documentation

You can view the online documentation here

Classifications

@@ Line 1: / Line 1: @@
-{{Template:Project About
+{|
-| project_name =OWASP VaultDB Project
+|-
-| project_description =VaultDB is a secure NoSQL database management system (DBMS) for modern applications. It supports multi-recipient encryption, table-level encryption, group encryption and comes loaded with a strong cryptosystem.
+! width="700" align="center" | <br>
+! width="500" align="center" | <br>
+|-
+| align="right" | [[Image:OWASP Inactive Banner.jpg|800px| link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Inactive_Projects]]
+| align="right" |
-VaultDB adds automatic transparent encryption to your application's data at the table/document level. Instead of using it's own internal storage engine, VaultDB stores the encrypted data inside your prefered DBMS for storage.
+|}
+=Main=
-It's design is made to provide developers with a solid method for integrating strong cryptography inside applications and databases, secure data using NoSQL-like transactions while avoiding encryption design flaws.
+<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:OWASP_Project_Header.jpg|link=]]</div>
-Cryptography is hard and implementation mistakes can quickly render any encryption scheme useless and insecure.
+{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-
+| valign="top"  style="border-right: 1px dotted gray;padding-right:25px;" |
-VaultDB was designed with these facts in mind and aim at ensuring proper security through open verifiability of it's cryptosystem's implementation.
+http://www.vaultdb.org/vault-icon.png
+==OWASP VaultDB Project==
-----
+VaultDB is an encrypted persistent key-value store with a multi-recipient cryptosystem for LAMP (Linux, Apache, MySQL, PHP) based web applications.
+==Introduction==
-This project can protect your application from '''4 out of 10 critical security risks''' in the OWASP Top Ten Most Critical Web Application Security Risks from [[OWASP_Top_Ten_Project]].
+This framework provide everything you need for storing encrypted key-value documents inside a custom MySQL database. VaultDB also comes with a secure user login and authentication mechanism designed to avoid common security and cryptographic pitfalls.
+==Description==
+VaultDB adds automatic transparent encryption to your application's data at the table/document level. Instead of using it's own internal storage engine, VaultDB stores the encrypted data inside a custom MySQL database for storage.
+It's design is made to provide developers with a solid method for integrating strong cryptography inside web applications and secure data using NoSQL-like transactions.
+==Licensing==
+OWASP VaultDB is free to use. It is licensed under the BSD license, so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same license to this one.
+| valign="top"  style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |
+== What is VaultDB? ==
+OWASP VaultDB can protect your application from '''4 out of 10 critical security risks''' in the OWASP Top Ten Most Critical Web Application Security Risks from [[OWASP_Top_Ten_Project]].
 * A1 Injection
@@ Line 23: / Line 47: @@
-----
+== Project Leader ==
+Project leader's is Maxime Labelle ([email protected])
+== Related Projects ==
+* [[OWASP_CISO_Survey]]
+| valign="top"  style="padding-left:25px;width:200px;" |
+== Quick Download ==
+* [https://github.com/maxlabelle/VaultDB Download from github]
+* [http://www.vaultdb.org Official web site]
+== News and Events ==
+* [30 Jan 2014] New release out
-Home page : [http://www.vaultdb.org VaultDB]
+== Documentation ==
+You can view the [http://www.vaultdb.org/VaultDB-UserManual.pdf online documentation here]
-Online repo : [http://github.com/mrshadow/VaultDB Github]
+==Classifications==
-----
+   {| width="200" cellpadding="2"
+   |-
+   | align="center" valign="top" width="50%" rowspan="2"| [[File:Owasp-incubator-trans-85.png|link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Incubator_Projects]]
+   | align="center" valign="top" width="50%"| [[File:Owasp-builders-small.png|link=]]
+   |-
+   | align="center" valign="top" width="50%"| [[File:Owasp-defenders-small.png|link=]]
+   |-
+   | colspan="2" align="center"  | [[File:Cc-button-y-sa-small.png|link=http://creativecommons.org/licenses/by-sa/3.0/]]
+   |-
+   | colspan="2" align="center"  | [[File:Project_Type_Files_CODE.jpg|link=]]
+   |}
+|}
-| project_license =Modified BSD, 3-clause License  (we recommend you consider Apache 2.0 instead of this licnese.  It is more up-to-date and provides a little more protection from software patent lawsuits)
+__NOTOC__ <headertabs />
-| leader_name1 =Maxime Labelle
-| leader_email1 [email protected]
-| mailing_list_name = https://lists.owasp.org/mailman/listinfo/owasp_scytale_project
-| project_road_map = https://www.owasp.org/index.php/Projects/OWASP_Scytale_Project/Roadmap
-}}
-[[Category:OWASP Download]]
+[[Category:OWASP Project]]  [[Category:OWASP_Builders]] [[Category:OWASP_Defenders]]  [[Category:OWASP_Document]]
-[[Category:OWASP Top Ten Project]]
-[[Category:OWASP_Project]]
-[[Category:Encryption]]
-[[Category:Cryptography]]
-[[Category:OWASP_Guide_Project]]

Difference between revisions of "Projects/OWASP VaultDB Project"

Latest revision as of 23:47, 27 December 2014

Main

OWASP VaultDB Project

Introduction

Description

Licensing

What is VaultDB?

Project Leader

Related Projects

Quick Download

News and Events

Documentation

Classifications

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Reference

Tools