Efficient key updates in encrypted database systems
First Claim
1. A system comprising:
a server computer in communication with at least one client computer through a communication network;
the server computer comprising;
lock management for allowing data stored in encrypted data storage on the server computer to be updated by an application program at a client computer while an encryption key protecting the data is concurrently being changed by placing a key update lock on a data record after receiving a key update request for the record and by placing a data update lock on the same record after receiving a data update request from a client computer for data update access to the same record and by sending conflict information to a client computer changing the encryption key, the requested record being made available to the data update requesting client computer after receiving an acknowledgement from the key update requesting client computer;
the computer changing the encryption key comprising;
key management for generating and storing data encryption keys used by a client computer to encrypt data stored on the server computer;
a log recording a conflict of the existence of a key update lock and a data update lock on the same record when the server allows data update access to a record of the encrypted data selected by a query while a key update lock is in place against the record;
log management for sending the acknowledgement to the server computer and to the data update requesting client computer when the conflict has been logged;
the data update requesting client computer comprising;
a cryptographic and data processor for decrypting and updating the accessed data;
the cryptographic and data processor encrypting the updated data with an old key and storing the updated data at the server computer when a conflict indicator acknowledgement has not been received with the data to be updated;
the cryptographic and data processor encrypting the updated data with a new key when a conflict indicator acknowledgement has been received with the data to be updated and storing the updated data at the server computer after a conflict indicator at the server has been removed.
5 Assignments
0 Petitions
Abstract
A system, method and programmed article of manufacture to perform efficient encryption key updates in encrypted database-as-a-service (DAS) environments using a key registry and key locks. A database as a service environment allows organizations to send their data management infrastructures to a database service provider. The service provider employs data encryption techniques to ensure the privacy of hosted data. The security of encryption techniques relies on the confidentiality of the encryption keys. The dynamic nature of the encrypted database in the DAS model adds complexity and raises specific requirements on key management techniques. The solution is provided by the key registry and by the key update lock, key management process and log management process to allow data update access to data concurrently with encryption key update for the same data.
43 Citations
5 Claims
1. A system comprising: (independent claim; text as given under First Claim above. Dependent claim: 2)

3. A system comprising:
a server computer in communication with at least one client computer through a communication network;
the server computer comprising;
lock management for allowing data stored in encrypted data storage on the server computer to be updated by an application program at a client computer while an encryption key protecting the data is concurrently being changed by placing a key update lock on a data record after receiving a key update request for the data record and by placing a data update lock on the same data record after receiving a data update request from a client computer for data update access to the same data record and by sending conflict information to the computer changing the encryption key, the requested data record being made available to the data update requesting client computer after receiving an acknowledgement from the key update requesting client computer, but preventing another computer from attempting to change the encryption key protecting the data while a key update lock is in place on the data record;
the server computer waiting to store updated data from the data updating client computer until after the key update is complete and a conflict indicator at the server has been removed.

4. A program product having computer readable code stored on a recordable media for use in a system comprising a server computer in communication with at least one client computer through a communication network, the program product comprising:
lock management computer useable program code for allowing data stored in encrypted data storage on the server computer to be updated by an application program at a client computer while an encryption key protecting the data is concurrently being changed by placing a key update lock on a data record after receiving a key update request for the record and by placing a data update lock on the same record after receiving a data update request from a client computer for data update access to the same record and by sending conflict information to the client computer changing the encryption key, the requested record being made available to the data update requesting client computer after receiving an acknowledgement from the key update requesting client computer;
key management computer useable program code for generating and storing data encryption keys used by a client computer to encrypt data stored on the server computer;
log recording computer useable program code at the client computer for recording a conflict of the existence of a key update lock and a data update lock on a same record when the server will allow data update access to the same record of the encrypted data selected by a query while a key update lock is in place against the same record;
log management computer useable program code at the client computer for sending the acknowledgement to the server computer when the conflict has been logged;
the lock management computer useable program code allowing updated data to be stored only after the recorded conflict has been removed by the key updating computer.
(Dependent claim: 5)
Specification