AWS Database Encryption SDK for Amazon DynamoDB In Preview
Written by Nikos Vaggalis   
Monday, 24 July 2023

AWS Database Encryption SDK is an upgrade to the existing Amazon DynamoDB Encryption Client, that enables attribute level encryption of DynamoDB workloads client-side.

DynamoDB has always had server-side encryption to ensure your data was encrypted at rest. This new SDK enables client- side encryption too, allowing you to protect the data in transit before it even leaves its origin. Previously, if you wanted client-side encryption you had to provision your own solution in your applications. With the SDK that's a thing of the past.

As far as Attribute-level encryption goes, this refers to the process of encrypting individual attributes or fields within a larger data structure or object. It allows for more granular control over the encryption of sensitive data, as different attributes can have different encryption keys and access policies. For example, in Amazon FinSpace, attribute sets are used to describe datasets, and attributes within these sets help capture additional business context for each dataset. This allows for better search results and metadata quality. Similarly, in Amazon GameLift's FlexMatch, player attributes can be declared within a rule set, which can then be used to pass information to the game session.

That aside, it also lets you easily search on encrypted attributes without decrypting the entire database beforehand. This lets you find the right information quickly while your data remains securely encrypted within the database.

Moreover,it has also been designed with multi-tenancy in mind, meaning that you can have multiple Key Management Service providers encrypting different parts of the same table as well as using KMS key policies to enforce clear separation between the authorized users who can access specific encrypted attributes and those who cannot.

The SDK is available for Java, and in order to use it, you must have:

  • A Java 8 or newer development environment.
  • Declare a Dependency on the DB-ESDK for DynamoDB in Java and it's dependencies, via Gradle or Maven.
  • the DynamoDB client from the AWS SDK for Java V2 and the AwsCryptographicMaterialProviders library.
  • An Amazon Web Services (AWS) account to use the DB-ESDK for DynamoDB as it's specifically designed to work with Amazon DynamoDB.

Optionally, you can use AWS Key Management Service (AWS KMS) as your main keyring provider.

 newawslogo

More Information

AWS Database Encryption SDK for DynamoDB in Java
Announcing preview of the AWS Database Encryption SDK for Amazon DynamoDB

Related Articles 

AWS Lambda Adopts Python 3.10

AWS Lambda Adopts Java 17

 

To be informed about new articles on I Programmer, sign up for our weekly newsletter, subscribe to the RSS feed and follow us on Twitter, Facebook or Linkedin.

Banner

Google Opensources Privacy Library
08/11/2024

Google is making a new differential privacy library available as open source. PipelineDP4J is a Java-based library that can be used to analyse data sets while preserving privacy.


+ Full Story
Firefox 1.0 Released 20 Years Ago
10/11/2024

A news item with the headline "Firefox browser takes on Microsoft" from 20 years ago has attracted renewed attention. It was originally published on the BBC News website on November 9th, 2004 rec [ ... ]


+ Full Story
More News

espbook

 

Comments




or email your comment to: comments@i-programmer.info