Key rotation
Abstract
A system and method provide a mechanism for automatically selecting a new encryption key for re-encrypting data in a target database. New initialization vectors may be specified for re-encrypting each column of data selected for re-encryption. Further, a new initialization vector may be specified for one or more rows of data of a database table in the target database that is selected for re-encryption.
30 Claims
1. A computer-implemented method for providing security to data in a database, said method comprising:
- providing a mechanism for allowing a user to select at least one previously encrypted column; and
- providing an automated tool that is associated with said mechanism for allowing said user to specify a new key for re-encryption of data in said at least one selected previously encrypted column.
Dependent claims: 2, 3, 4, 5, 6, 7, 8

9. An encryption system for encrypting data in a database, the encryption system comprising:
- a means for allowing a user to select at least one previously encrypted column for re-encryption; and
- a means for allowing said user to specify a new key for said re-encryption of data in said at least one selected previously encrypted column.
Dependent claims: 10, 11, 12, 13, 14

15. An apparatus for encrypting data in a database, the apparatus comprising:
- one or more processors;
- a storage for encryption keys;
- an authentication mechanism for authenticating a user who desires to access said database;
- a database interface for interfacing with said database;
- a management console for allowing said user to manage said data in said database;
- a storage medium carrying one or more sequences of one or more instructions which, when executed by said one or more processors, cause said one or more processors to perform the steps of:
  - providing a mechanism for allowing said user to select at least one previously encrypted column; and
  - providing an automated tool that is associated with said mechanism for allowing said user to specify a new key for re-encryption of data in said at least one selected previously encrypted column.
Dependent claims: 16, 17, 18, 19, 20, 21, 22

23. One or more propagated data signals collectively conveying data that causes a computing system to perform a method for providing security to data in a database, said method comprising:
- providing a mechanism for allowing a user to select at least one previously encrypted column; and
- providing an automated tool that is associated with said mechanism for allowing said user to specify a new key for re-encryption of data in said at least one selected previously encrypted column.
Dependent claims: 24, 25, 26, 27, 28, 29, 30

Specification