Difference between revisions of "OWASP VaultDB Project"

From OWASP
Jump to: navigation, search
 
(8 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 +
{|
 +
|-
 +
! width="700" align="center" | <br>
 +
! width="500" align="center" | <br>
 +
|-
 +
| align="right" | [[Image:OWASP Inactive Banner.jpg|800px| link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Inactive_Projects]]
 +
| align="right" |
 +
 +
|}
 
=Main=
 
=Main=
VaultDB is a secure NoSQL database management system (DBMS) for modern applications. It supports multi-recipient encryption, table-level encryption, group encryption and comes loaded with a strong cryptosystem.
 
  
* Formerly known as Scytale
+
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:OWASP_Project_Header.jpg|link=]]</div>
 +
 
 +
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-
 +
| valign="top"  style="border-right: 1px dotted gray;padding-right:25px;" |
 +
 
 +
http://www.vaultdb.org/vault-icon.png
 +
 
 +
 
 +
==OWASP VaultDB Project==
 +
 
 +
VaultDB is an encrypted persistent key-value store with a multi-recipient cryptosystem for PHP based web applications.
 +
 
 +
==Introduction==
 +
 
 +
This framework provide everything you need for storing encrypted key-value documents inside a custom MySQL database. VaultDB also comes with a secure user login and authentication mechanism designed to avoid common security and cryptographic pitfalls.
 +
 
 +
==Description==
 +
 
 +
VaultDB adds automatic transparent encryption to your application's data at the table/document level. Instead of using it's own internal storage engine, VaultDB stores the encrypted data inside a custom MySQL database for storage.
 +
 
 +
It's design is made to provide developers with a solid method for integrating strong cryptography inside web applications and secure data using NoSQL-like transactions.
 +
 
 +
==Licensing==
 +
OWASP VaultDB is free to use. It is licensed under the BSD license, so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same license to this one.
 +
 
 +
 
 +
| valign="top"  style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |
 +
 
 +
== What is VaultDB? ==
 +
 
 +
OWASP VaultDB can protect your application from '''4 out of 10 critical security risks''' in the OWASP Top Ten Most Critical Web Application Security Risks from [[OWASP_Top_Ten_Project]].
 +
 
 +
* A1 Injection
 +
* A2 Broken Authentication and Session Management (was formerly A3)
 +
* A5 Security Misconfiguration (was formerly A6)
 +
* A6 Sensitive Data Exposure (merged from former A7 Insecure Cryptographic Storage and former A9 Insufficient Transport Layer Protection)
 +
 
 +
 
 +
== Project Leader ==
 +
 
 +
Project leader's is Maxime Labelle (maxime.labelle@owasp.org)
 +
 
 +
 
 +
== Related Projects ==
 +
 
 +
* [[OWASP_PHP_Security_Project]]
 +
 
 +
== Ohloh ==
 +
 
 +
*https://www.ohloh.net/p/VaultDB
 +
 
 +
| valign="top"  style="padding-left:25px;width:200px;" |
 +
 
 +
== Quick Download ==
 +
 
 +
* [https://github.com/zalg/VaultDB Download from github]
 +
* [http://www.vaultdb.org Official web site]
 +
 
 +
 
 +
 
 +
== News and Events ==
 +
* [30 Jan 2014] New release out
 +
 
 +
 
 +
== Documentation ==
 +
You can view the [http://www.vaultdb.org/VaultDB-UserManual.pdf online documentation here]
 +
 
 +
 
 +
==Classifications==
 +
 
 +
  {| width="200" cellpadding="2"
 +
  |-
 +
  | align="center" valign="top" width="50%" rowspan="2"| [[File:Owasp-incubator-trans-85.png|link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Incubator_Projects]]
 +
  | align="center" valign="top" width="50%"| [[File:Owasp-builders-small.png|link=]] 
 +
  |-
 +
  | align="center" valign="top" width="50%"| [[File:Owasp-defenders-small.png|link=]]
 +
  |-
 +
  | colspan="2" align="center"  | [[File:Cc-button-y-sa-small.png|link=http://creativecommons.org/licenses/by-sa/3.0/]]
 +
  |-
 +
  | colspan="2" align="center"  | [[File:Project_Type_Files_CODE.jpg|link=]]
 +
  |}
 +
 
 +
|}
  
=Project About=
+
__NOTOC__ <headertabs />
{{:Projects/OWASP_VaultDB_Project}}
+
  
[[Category:OWASP Project]]
+
[[Category:OWASP Project]]  [[Category:OWASP_Builders]] [[Category:OWASP_Defenders]]  [[Category:OWASP_Document]]

Latest revision as of 10:55, 3 July 2014



OWASP Inactive Banner.jpg

Main

OWASP Project Header.jpg

vault-icon.png


OWASP VaultDB Project

VaultDB is an encrypted persistent key-value store with a multi-recipient cryptosystem for PHP based web applications.

Introduction

This framework provide everything you need for storing encrypted key-value documents inside a custom MySQL database. VaultDB also comes with a secure user login and authentication mechanism designed to avoid common security and cryptographic pitfalls.

Description

VaultDB adds automatic transparent encryption to your application's data at the table/document level. Instead of using it's own internal storage engine, VaultDB stores the encrypted data inside a custom MySQL database for storage.

It's design is made to provide developers with a solid method for integrating strong cryptography inside web applications and secure data using NoSQL-like transactions.

Licensing

OWASP VaultDB is free to use. It is licensed under the BSD license, so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same license to this one.


What is VaultDB?

OWASP VaultDB can protect your application from 4 out of 10 critical security risks in the OWASP Top Ten Most Critical Web Application Security Risks from OWASP_Top_Ten_Project.

  • A1 Injection
  • A2 Broken Authentication and Session Management (was formerly A3)
  • A5 Security Misconfiguration (was formerly A6)
  • A6 Sensitive Data Exposure (merged from former A7 Insecure Cryptographic Storage and former A9 Insufficient Transport Layer Protection)


Project Leader

Project leader's is Maxime Labelle (maxime.labelle@owasp.org)


Related Projects

Ohloh

Quick Download


News and Events

  • [30 Jan 2014] New release out


Documentation

You can view the online documentation here


Classifications

Owasp-incubator-trans-85.png Owasp-builders-small.png
Owasp-defenders-small.png
Cc-button-y-sa-small.png
Project Type Files CODE.jpg