CA2417516A1 - Method and apparatus for automatic database encryption - Google Patents

Method and apparatus for automatic database encryption Download PDF

Info

Publication number
CA2417516A1
CA2417516A1 CA002417516A CA2417516A CA2417516A1 CA 2417516 A1 CA2417516 A1 CA 2417516A1 CA 002417516 A CA002417516 A CA 002417516A CA 2417516 A CA2417516 A CA 2417516A CA 2417516 A1 CA2417516 A1 CA 2417516A1
Authority
CA
Canada
Prior art keywords
column
database system
encrypted
encryption
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CA002417516A
Other languages
French (fr)
Other versions
CA2417516C (en
Inventor
Richard Wessman
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Oracle International Corp
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Publication of CA2417516A1 publication Critical patent/CA2417516A1/en
Application granted granted Critical
Publication of CA2417516C publication Critical patent/CA2417516C/en
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6227Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y10TECHNICAL SUBJECTS COVERED BY FORMER USPC
    • Y10STECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y10S707/00Data processing: database and file management or data structures
    • Y10S707/99931Database or file accessing
    • Y10S707/99939Privileged access

Abstract

One embodiment of the present invention provides a system for managing encryption within a database system that is managed by a database administrator, and wherein a user administrator not otherwise associated with the database system, manages users of the database system. This system performs encryption automatically and transparently to a user of the database system. The system operates by receiving a request to store data in a column of the database system. If a user has designated the column as an encrypted column, the system automatically encrypts the data using an encryption function. This encryption function uses a key stored in a keyfile managed by the security administrator. After encrypting the data, the system stores the data in the database system using a storage function of the database system.

Claims (24)

1. A method for managing encryption within a database system that is managed by a security administrator, wherein encryption is performed automatically and transparently to a user of the database system, wherein users of the database system are managed by a user administrator, the method comprising:
receiving a request to store data in a column of the database system, wherein the column is designated as an encrypted column;

in response to receiving the request, automatically encrypting data using an encryption function, wherein the encryption function uses a key stored in a keyfile managed by the security administrator; and storing data in the database system using a storage function of the database system.
2. The method of claim 1, further comprising:
receiving a request to retrieve data from the encrypted column of the database system;
if the request to retrieve data is received from the database administrator, preventing the database administrator from decrypting encrypted data;
if the request to retrieve data is received from the security administrator, preventing the security administrator from decrypting encrypted data; and if the request to retrieve data is from an authorized user of the database system, allowing the authorized user to decrypt encrypted data.
3. The method of claim 1, wherein the security administrator selects one of, data encryption standard (DES) and triple DES as a mode of encryption for the column.
4. The method of claim 1, wherein the security administrator, the database administrator, and the user administrator are distinct roles, and wherein a person selected for one of these roles is not allowed to be selected for another of these roles.
5. The method of claim 1, wherein managing the keyfile includes, but is not limited to:

creating the keyfile;
establishing a plurality of keys to be stored in the keyfile;
establishing a relationship between a key identifier and the key stored in the keyfile;
storing the keyfile in one of, an encrypted file in the database system, and a location separate from the database system; and moving an obfuscated copy of the keyfile to a volatile memory within a server associated with the database system.
6. The method of claim 1, wherein upon receiving a request from the security administrator specifying the column to be encrypted, if the column currently contains data, the method further comprises:
decrypting the column using an old key if the column was previously encrypted; and encrypting the column using a new key.
7. The method of claim 5, wherein the key identifier associated with the encrypted column is stored as metadata associated with a table containing the encrypted column within the database system.
8. The method of claim 5, further comprising establishing encryption parameters for the encrypted column, wherein the encryption parameters include encryption mode, key length, and integrity type by:
entering encryption parameters for the encrypted column manually; and recovering encryption parameters for the encrypted column from a profile table in the database system.
9. A computer-readable storage medium storing instructions that when executed by a computer causes the computer to perform a method for managing encryption within a database system that is managed by a security administrator, wherein encryption is performed automatically and transparently to a user of the database system, wherein users of the database system are managed by a user administrator, the method comprising:
receiving a request to store data in a column of the database system, wherein the column is designated as an encrypted column;
in response to receiving the request, automatically encrypting data using an encryption function, wherein the encryption function uses a key stored in a keyfile managed by the security administrator; and storing data in the database system using a storage function of the database system.
10. The computer-readable storage medium of claim 9, the method further comprises:
receiving a request to retrieve data from the encrypted column of the database system;
if the request to retrieve data is received from the database administrator, preventing the database administrator from decrypting encrypted data;
if the request to retrieve data is received from the security administrator, preventing the security administrator from decrypting encrypted data; and if the request to retrieve data is from an authorized user of the database system, allowing the authorized user to decrypt encrypted data.
11. The computer-readable storage medium of claim 9, wherein the security administrator selects one of, data encryption standard {DES) and triple DES
as a mode of encryption for the column.
12. The computer-readable storage medium of claim 9, wherein the security administrator, the database administrator, and the user administrator are distinct roles, and wherein a person selected for one of these roles is not allowed to be selected for another of these roles.
13. The computer-readable storage medium of claim 9, wherein managing the keyfile includes, but is not limited to:
creating the keyfile;
establishing a plurality of keys to be stored in the keyfile;
establishing a relationship between a key identifier and the key stored in the keyfile;
storing the keyfile in one of, an encrypted file in the database system, and a location separate from the database system; and moving an obfuscated copy of the keyfile to a volatile memory within a server associated with the database system.
14. The computer-readable storage medium of claim 9, wherein upon receiving a request from the security administrator specifying the column to be encrypted, if the column currently contains data, the method further comprises:
decrypting the column using an old key if the column was previously encrypted; and encrypting the column using a new key.
15. The computer-readable storage medium of claim 13, wherein the key identifier associated with the encrypted column is stored as metadata associated with a table containing the encrypted column within the database system.
16. The computer-readable storage medium of claim 13, wherein the method further comprises establishing encryption parameters for the encrypted column, wherein the encryption parameters include encryption mode, key length, and integrity type by:
entering encryption parameters for the encrypted column manually; and recovering encryption parameters for the encrypted column from a profile table in the database system.
17. An apparatus that facilitates managing encryption within a database system that is managed by a security administrator, wherein encryption is performed automatically and transparently to a user of the database system, wherein users of the database system are managed by a user administrator, comprising:
a receiving mechanism that is configured to receive a request to store data in a column of the database system, wherein the column is designated as an encrypted column;
an encrypting mechanism that is configured to encrypt data using an encryption function, wherein the encryption function uses a key stored in a keyfile managed by the security administrator; and a storing mechanism that is configured to store data in the database system using a storage function of the database system.
18. The apparatus of claim 17, further comprising:
the receiving mechanism that is further configured to receive a request to retrieve data from the encrypted column of the database system;
an access mechanism that is configured to prevent the database administrator and the security administrator from decrypting encrypted data; and wherein the access mechanism is configured to allow an authorized user of the database system to decrypt encrypted data.
19. The apparatus of claim 17, further comprising a selection mechanism that is configured to select one of, data encryption standard (DES) and triple DES as a mode of encryption for the column.
20. The apparatus of claim 17, wherein the security administrator, the database administrator, and the user administrator are distinct roles, and wherein a person selected for one of these roles is not allowed to be selected for another of these roles.
21. The apparatus of claim 17, further comprising:
a creating mechanism that is configured to create the keyfile;
an establishing mechanism that is configured to establish a plurality of keys to be stored in the keyfile;

wherein the establishing mechanism is further configured to establish a relationship between a lcey identifier and the key stored in the keyfile;
a storing mechanism that is configured to store the keyfile in one of, an encrypted file in the database system, and a location separate from the database system; and a moving mechanism that is configured to move an obfuscated copy of the keyfile to a volatile memory within a server associated with the database system.
22. The apparatus of claim 17, further comprising:
a decrypting mechanism that is configured to decrypt the column using a previous key if the column was previously encrypted; and wherein the encrypting mechanism is further configured to encrypt the column using a new key.
23. The apparatus of claim 21, wherein the key identifier associated with the encrypted column is stored as metadata associated with a table containing the encrypted column within the database system.
24. The apparatus of claim 21, wherein the establishing mechanism is further configured to establish encryption parameters for the encrypted column, wherein encryption parameters include encryption mode, key length, and integrity type, and wherein the establishing mechanism includes:

an entering mechanism that is configured to enter encryption parameter s for the encrypted column manually; and a recovering mechanism that is configured to recover encryption parameters for the encrypted column from a profile table in the database system.
CA2417516A 2000-10-06 2001-10-05 Method and apparatus for automatic database encryption Expired - Lifetime CA2417516C (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US09/680,599 2000-10-06
US09/680,599 US7111005B1 (en) 2000-10-06 2000-10-06 Method and apparatus for automatic database encryption
PCT/US2001/042469 WO2002029577A2 (en) 2000-10-06 2001-10-05 Method and apparatus for automatic database encryption

Publications (2)

Publication Number Publication Date
CA2417516A1 true CA2417516A1 (en) 2002-04-11
CA2417516C CA2417516C (en) 2012-12-18

Family

ID=24731734

Family Applications (1)

Application Number Title Priority Date Filing Date
CA2417516A Expired - Lifetime CA2417516C (en) 2000-10-06 2001-10-05 Method and apparatus for automatic database encryption

Country Status (6)

Country Link
US (1) US7111005B1 (en)
EP (1) EP1374063A2 (en)
JP (1) JP4398145B2 (en)
AU (2) AU1343602A (en)
CA (1) CA2417516C (en)
WO (1) WO2002029577A2 (en)

Families Citing this family (111)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
SE9904094D0 (en) * 1999-11-12 1999-11-12 Protegrity Research & Dev Method for reencryption of a database
US7362868B2 (en) * 2000-10-20 2008-04-22 Eruces, Inc. Hidden link dynamic key manager for use in computer systems with database structure for storage of encrypted data and method for storage and retrieval of encrypted data
US20030021417A1 (en) 2000-10-20 2003-01-30 Ognjen Vasic Hidden link dynamic key manager for use in computer systems with database structure for storage of encrypted data and method for storage and retrieval of encrypted data
US20070079119A1 (en) * 2000-11-16 2007-04-05 Ulf Mattsson Encryption key rotation
US7418098B1 (en) * 2000-11-27 2008-08-26 Protegrity Corporation Data type preserving encryption
US7757278B2 (en) * 2001-01-04 2010-07-13 Safenet, Inc. Method and apparatus for transparent encryption
DE60130902T2 (en) * 2001-11-23 2008-07-17 Protegrity Research & Development Method for detecting intrusion into a database system
US8010405B1 (en) 2002-07-26 2011-08-30 Visa Usa Inc. Multi-application smart card device software solution for smart cardholder reward selection and redemption
US8015060B2 (en) 2002-09-13 2011-09-06 Visa Usa, Inc. Method and system for managing limited use coupon and coupon prioritization
US9852437B2 (en) 2002-09-13 2017-12-26 Visa U.S.A. Inc. Opt-in/opt-out in loyalty system
US8626577B2 (en) 2002-09-13 2014-01-07 Visa U.S.A Network centric loyalty system
US7827077B2 (en) 2003-05-02 2010-11-02 Visa U.S.A. Inc. Method and apparatus for management of electronic receipts on portable devices
US10339336B2 (en) * 2003-06-11 2019-07-02 Oracle International Corporation Method and apparatus for encrypting database columns
US8554610B1 (en) 2003-08-29 2013-10-08 Visa U.S.A. Inc. Method and system for providing reward status
US7051923B2 (en) 2003-09-12 2006-05-30 Visa U.S.A., Inc. Method and system for providing interactive cardholder rewards image replacement
US8005763B2 (en) 2003-09-30 2011-08-23 Visa U.S.A. Inc. Method and system for providing a distributed adaptive rules based dynamic pricing system
US8407083B2 (en) 2003-09-30 2013-03-26 Visa U.S.A., Inc. Method and system for managing reward reversal after posting
US7653602B2 (en) 2003-11-06 2010-01-26 Visa U.S.A. Inc. Centralized electronic commerce card transactions
US7681042B2 (en) 2004-06-17 2010-03-16 Eruces, Inc. System and method for dis-identifying sensitive information and associated records
JP2006018499A (en) * 2004-06-30 2006-01-19 Sony Corp Data storage device, data providing system, and data providing method
US7797342B2 (en) * 2004-09-03 2010-09-14 Sybase, Inc. Database system providing encrypted column support for applications
US7743069B2 (en) * 2004-09-03 2010-06-22 Sybase, Inc. Database system providing SQL extensions for automated encryption and decryption of column data
US20060074897A1 (en) * 2004-10-04 2006-04-06 Fergusson Iain W System and method for dynamic data masking
KR20060058546A (en) * 2004-11-25 2006-05-30 펜타시큐리티시스템 주식회사 Method and apparatus for providing database encryption and access control
US8045714B2 (en) * 2005-02-07 2011-10-25 Microsoft Corporation Systems and methods for managing multiple keys for file encryption and decryption
US7827403B2 (en) * 2005-04-13 2010-11-02 Oracle International Corporation Method and apparatus for encrypting and decrypting data in a database table
US8171238B1 (en) 2007-07-05 2012-05-01 Silver Peak Systems, Inc. Identification of data stored in memory
US8392684B2 (en) 2005-08-12 2013-03-05 Silver Peak Systems, Inc. Data encryption in a network memory architecture for providing data based on local accessibility
US8095774B1 (en) 2007-07-05 2012-01-10 Silver Peak Systems, Inc. Pre-fetching data into a memory
US8811431B2 (en) 2008-11-20 2014-08-19 Silver Peak Systems, Inc. Systems and methods for compressing packet data
US8929402B1 (en) 2005-09-29 2015-01-06 Silver Peak Systems, Inc. Systems and methods for compressing packet data by predicting subsequent data
US8489562B1 (en) 2007-11-30 2013-07-16 Silver Peak Systems, Inc. Deferred data storage
JP4794571B2 (en) * 2005-12-02 2011-10-19 インターナショナル・ビジネス・マシーンズ・コーポレーション System and method for efficient access to database
US7844829B2 (en) * 2006-01-18 2010-11-30 Sybase, Inc. Secured database system with built-in antivirus protection
US7827525B1 (en) * 2006-06-02 2010-11-02 Richard Paul Navaro Data object utilization in software applications
US7769176B2 (en) * 2006-06-30 2010-08-03 Verint Americas Inc. Systems and methods for a secure recording environment
US7848524B2 (en) 2006-06-30 2010-12-07 Verint Americas Inc. Systems and methods for a secure recording environment
US7853800B2 (en) * 2006-06-30 2010-12-14 Verint Americas Inc. Systems and methods for a secure recording environment
US8885632B2 (en) 2006-08-02 2014-11-11 Silver Peak Systems, Inc. Communications scheduler
US8755381B2 (en) 2006-08-02 2014-06-17 Silver Peak Systems, Inc. Data matching using flow based packet data storage
US7882354B2 (en) 2006-09-07 2011-02-01 International Business Machines Corporation Use of device driver to function as a proxy between an encryption capable tape drive and a key manager
US7904732B2 (en) * 2006-09-27 2011-03-08 Rocket Software, Inc. Encrypting and decrypting database records
US8661263B2 (en) 2006-09-29 2014-02-25 Protegrity Corporation Meta-complete data storage
US20080163332A1 (en) * 2006-12-28 2008-07-03 Richard Hanson Selective secure database communications
US8892905B2 (en) * 2007-03-21 2014-11-18 Oracle International Corporation Method and apparatus for performing selective encryption/decryption in a data storage system
US20080235603A1 (en) * 2007-03-21 2008-09-25 Holm Aaron H Digital file management system with dynamic roles assignment and user level image/data interchange
US20080263645A1 (en) * 2007-04-23 2008-10-23 Telus Communications Company Privacy identifier remediation
US20100031321A1 (en) * 2007-06-11 2010-02-04 Protegrity Corporation Method and system for preventing impersonation of computer system user
US9158933B2 (en) * 2007-08-17 2015-10-13 Sybase, Inc. Protection of encryption keys in a database
JP2009111687A (en) * 2007-10-30 2009-05-21 Fujitsu Ltd Storage device, and encrypted data processing method
US8307115B1 (en) 2007-11-30 2012-11-06 Silver Peak Systems, Inc. Network memory mirroring
US8479013B2 (en) * 2008-01-18 2013-07-02 Photonic Data Security, Llc Secure portable data transport and storage system
US8225106B2 (en) 2008-04-02 2012-07-17 Protegrity Corporation Differential encryption utilizing trust modes
US7904489B2 (en) * 2008-05-09 2011-03-08 Target Brands, Inc. Database unload/reload of partitioned tables
US8743683B1 (en) 2008-07-03 2014-06-03 Silver Peak Systems, Inc. Quality of service using multiple flows
US10805840B2 (en) 2008-07-03 2020-10-13 Silver Peak Systems, Inc. Data transmission via a virtual wide area network overlay
US9717021B2 (en) 2008-07-03 2017-07-25 Silver Peak Systems, Inc. Virtual network overlay
US10164861B2 (en) 2015-12-28 2018-12-25 Silver Peak Systems, Inc. Dynamic monitoring and visualization for network health characteristics
EP2189925A3 (en) * 2008-11-25 2015-10-14 SafeNet, Inc. Database obfuscation system and method
US8504844B2 (en) * 2008-12-19 2013-08-06 Teradata Us, Inc. System, method, and computer-readable medium for cryptographic key rotation in a database system
US8751826B2 (en) * 2009-04-01 2014-06-10 Salesforce.Com, Inc. Enhanced system security
US20100287597A1 (en) * 2009-05-07 2010-11-11 Microsoft Corporation Security policy trigger for policy enforcement
US10540508B2 (en) * 2009-09-17 2020-01-21 Oracle International Corporation Method and apparatus for securing a database configuration
US20110145082A1 (en) 2009-12-16 2011-06-16 Ayman Hammad Merchant alerts incorporating receipt data
US8429048B2 (en) 2009-12-28 2013-04-23 Visa International Service Association System and method for processing payment transaction receipts
US8856157B2 (en) * 2011-08-23 2014-10-07 Business Objects Software Limited Automatic detection of columns to be obfuscated in database schemas
US9130991B2 (en) 2011-10-14 2015-09-08 Silver Peak Systems, Inc. Processing data packets in performance enhancing proxy (PEP) environment
US9626224B2 (en) 2011-11-03 2017-04-18 Silver Peak Systems, Inc. Optimizing available computing resources within a virtual environment
JP6048414B2 (en) * 2011-11-11 2016-12-21 日本電気株式会社 Database apparatus, method and program
US8812877B2 (en) 2011-11-11 2014-08-19 Nec Corporation Database encryption system, method, and program
US8996887B2 (en) 2012-02-24 2015-03-31 Google Inc. Log structured volume encryption for virtual machines
US9223807B2 (en) * 2012-09-13 2015-12-29 International Business Machines Corporation Role-oriented database record field security model
US10032216B2 (en) * 2013-10-07 2018-07-24 State Farm Mutual Automobile Insurance Company Method and system for a vehicle auction tool with vehicle condition assessments
US10140782B2 (en) 2013-10-07 2018-11-27 State Farm Mutual Automobile Insurance Company Vehicle sharing tool based on vehicle condition assessments
US10423989B2 (en) 2013-10-07 2019-09-24 State Farm Mutual Automobile Insurance Company Systems and methods to assess the condition of a vehicle
US10515231B2 (en) * 2013-11-08 2019-12-24 Symcor Inc. Method of obfuscating relationships between data in database tables
US9948496B1 (en) 2014-07-30 2018-04-17 Silver Peak Systems, Inc. Determining a transit appliance for data traffic to a software service
US9875344B1 (en) 2014-09-05 2018-01-23 Silver Peak Systems, Inc. Dynamic monitoring and authorization of an optimization device
JP6435815B2 (en) * 2014-12-01 2018-12-12 富士通株式会社 Information concealment program, information concealment method and information concealment device
KR101613146B1 (en) * 2015-03-24 2016-04-18 주식회사 티맥스데이터 Method for encrypting database
KR101563461B1 (en) * 2015-03-24 2015-10-26 주식회사 티맥스데이터 Method, server and computer program for security management in database
KR101939755B1 (en) 2015-05-08 2019-01-17 주식회사 예일전자 Vibration output device coupled to wearable device
KR20160114492A (en) 2015-09-17 2016-10-05 주식회사 티맥스데이터 Method, server and computer program for security management in database
US9946744B2 (en) * 2016-01-06 2018-04-17 General Motors Llc Customer vehicle data security method
KR101692055B1 (en) 2016-02-24 2017-01-18 주식회사 티맥스데이터 Method, apparatus, and computer program stored in computer readable storage medium for managing shared memory in database server
KR101643278B1 (en) 2016-02-26 2016-07-28 주식회사 티맥스데이터 Method, apparatus, and computer program stored in computer readable medium for managing storage server in database system
KR101797482B1 (en) 2016-04-22 2017-11-14 주식회사 티맥스데이터 Method, apparatus, and computer program stored in computer readable medium for recoverying block in database system
US10432484B2 (en) 2016-06-13 2019-10-01 Silver Peak Systems, Inc. Aggregating select network traffic statistics
KR101747265B1 (en) 2016-06-20 2017-06-15 주식회사 티맥스데이터 Method and apparatus for executing query and computer readable medium therefor
KR101751970B1 (en) 2016-06-20 2017-07-03 주식회사 티맥스데이터 Method and apparatus for executing query and computer readable medium therefor
US9967056B1 (en) 2016-08-19 2018-05-08 Silver Peak Systems, Inc. Forward packet recovery with constrained overhead
EP3516575B1 (en) 2016-09-21 2023-03-15 INTEL Corporation Technologies for user-mode persistence of certificates and keys in resource-constrained devices
US11393046B1 (en) * 2017-01-17 2022-07-19 Intuit Inc. System and method for perpetual rekeying of various data columns with a frequency and encryption strength based on the sensitivity of the data columns
US10303895B1 (en) 2017-01-19 2019-05-28 Intuit Inc. System and method for perpetual rekeying of various data columns with respective encryption keys and on alternating bases
US10771394B2 (en) 2017-02-06 2020-09-08 Silver Peak Systems, Inc. Multi-level learning for classifying traffic flows on a first packet from DNS data
US11044202B2 (en) 2017-02-06 2021-06-22 Silver Peak Systems, Inc. Multi-level learning for predicting and classifying traffic flows from first packet data
US10257082B2 (en) 2017-02-06 2019-04-09 Silver Peak Systems, Inc. Multi-level learning for classifying traffic flows
US10892978B2 (en) 2017-02-06 2021-01-12 Silver Peak Systems, Inc. Multi-level learning for classifying traffic flows from first packet data
US10540522B2 (en) * 2017-07-14 2020-01-21 Avoka Technologies Pty Ltd. Storing data securely in a database
US11212210B2 (en) 2017-09-21 2021-12-28 Silver Peak Systems, Inc. Selective route exporting using source type
US10699023B1 (en) * 2017-11-20 2020-06-30 Amazon Technologies, Inc. Encryption profiles for encrypting user-submitted data
US10637721B2 (en) 2018-03-12 2020-04-28 Silver Peak Systems, Inc. Detecting path break conditions while minimizing network overhead
US11595205B1 (en) 2019-11-22 2023-02-28 Amazon Technologies, Inc. Database with client-controlled encryption key
US11568063B1 (en) 2019-11-22 2023-01-31 Amazon Technologies, Inc. Database with client-controlled encryption key
US11860673B1 (en) * 2019-11-22 2024-01-02 Amazon Technologies, Inc. Database with client-controlled encryption key
US11483147B2 (en) * 2020-01-23 2022-10-25 Bank Of America Corporation Intelligent encryption based on user and data properties
US11374748B2 (en) * 2020-04-15 2022-06-28 Salesforce.Com, Inc. Cache management for encryption key rotation
US11483150B2 (en) 2020-06-01 2022-10-25 Salesforce.Com, Inc. Private key cache in secure enclave
WO2022002351A1 (en) * 2020-06-29 2022-01-06 Huawei Technologies Co., Ltd. Data storage server and client devices for securely storing data
CN116194920A (en) * 2020-06-29 2023-05-30 华为技术有限公司 Data storage server and client device for securely storing data
CN115086354A (en) * 2022-05-31 2022-09-20 北京融讯智晖技术有限公司 User data management system for video cloud fusion

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DK279089D0 (en) * 1989-06-07 1989-06-07 Kommunedata I S PROCEDURE FOR TRANSFER OF DATA, AN ELECTRONIC DOCUMENT OR SIMILAR, SYSTEM FOR EXERCISING THE PROCEDURE AND A CARD FOR USE IN EXERCISING THE PROCEDURE
US5052040A (en) 1990-05-25 1991-09-24 Micronyx, Inc. Multiple user stored data cryptographic labeling system and method
GB9112644D0 (en) 1991-06-12 1991-07-31 Int Computers Ltd Data processing system with cryptographic facility
US5751949A (en) 1995-05-23 1998-05-12 Mci Corporation Data security system and method
US5835594A (en) * 1996-02-09 1998-11-10 Intel Corporation Methods and apparatus for preventing unauthorized write access to a protected non-volatile storage
SE506853C2 (en) * 1996-06-20 1998-02-16 Anonymity Prot In Sweden Ab Method of data processing
US5924094A (en) * 1996-11-01 1999-07-13 Current Network Technologies Corporation Independent distributed database system
US6185681B1 (en) * 1998-05-07 2001-02-06 Stephen Zizzi Method of transparent encryption and decryption for an electronic document management system
US6292899B1 (en) * 1998-09-23 2001-09-18 Mcbride Randall C. Volatile key apparatus for safeguarding confidential data stored in a computer system memory
US6564225B1 (en) * 2000-07-14 2003-05-13 Time Warner Entertainment Company, L.P. Method and apparatus for archiving in and retrieving images from a digital image library

Also Published As

Publication number Publication date
CA2417516C (en) 2012-12-18
WO2002029577A2 (en) 2002-04-11
AU2002213436B2 (en) 2006-04-13
US7111005B1 (en) 2006-09-19
JP2004528615A (en) 2004-09-16
EP1374063A2 (en) 2004-01-02
JP4398145B2 (en) 2010-01-13
WO2002029577A3 (en) 2003-09-18
AU1343602A (en) 2002-04-15

Similar Documents

Publication Publication Date Title
CA2417516A1 (en) Method and apparatus for automatic database encryption
AU2002213436A1 (en) Method and apparatus for automatic database encryption
CN104662870B (en) Data safety management system
US8751804B1 (en) Controlling access to data within encrypted copies of files using salt parameters
US7313694B2 (en) Secure file access control via directory encryption
US7921305B2 (en) Portable information terminal and data protecting method
US20010056541A1 (en) File management apparatus
US20110085664A1 (en) Systems and methods for managing multiple keys for file encryption and decryption
US20060010323A1 (en) Method for a repository to provide access to a document, and a repository arranged in accordance with the same method
EP2013709A2 (en) Method, system, and computer-readable medium to maintain and/or purge files of a document management system
WO2012151785A1 (en) Built-in file encryption method for mobile terminal and mobile terminal
EP0695997A3 (en) Methods for providing secure access to shared information
CA2568739A1 (en) System, method, and computer program product for providing digital rights management of protected content
WO2001065545A3 (en) Method and apparatus for using non-secure file servers for secure information storage
JP2005534104A5 (en)
CA2548356A1 (en) Avoiding server storage of client state
CN105787387A (en) Database encryption method and encryption database query method
GB2274229A (en) Cryptography system.
CA2388537A1 (en) Wireless security access management for a portable data storage cartridge
US20020078049A1 (en) Method and apparatus for management of encrypted data through role separation
JP2004126639A (en) Data management system, method and program
TW201329776A (en) System and method for protection of file content security
WO2001033829A3 (en) Internet-based shared file service and distributed access control
CA2586172A1 (en) System and method for providing authorized access to digital content
CN106919850B (en) File encryption and decryption method and device

Legal Events

Date Code Title Description
EEER Examination request
MKEX Expiry

Effective date: 20211005

MKEX Expiry

Effective date: 20211005