Compression of encrypted data in database management systems
First Claim
Patent Images
1. A method implemented in a computer-readable storage medium and to execute on a processor for performing the method, comprising:
- declaring, by the processor, a table in a database management system having one or more columns including an encrypted column with one or more constant values that are to be both encrypted and compressed, some columns are encrypted when an encryption attribute is present, some columns are compressed when a compression attribute is present, and some columns are both encrypted and compressed when both the encryption and compression attribute are present;
initializing, by the processor, the declared table, the initialization includes;
encrypting, by the processor, each constant value according to an encryption key to produce a cipher text for each constant value when the encryption attribute is presentcompressing, by the processor, each cipher text when the compression attribute is present; and
storing, by the processor, each encrypted, compressed, and encrypted and compressed cipher text in a header of the table; and
selecting, by the processor, one or more rows of data from the initialized table;
selecting a row includes;
for each column of data to be selected in the row, determining if the column is to be uncompressed and decrypted; and
if the column is to be uncompressed and decrypted, retrieving a cipher text value from the table header and decrypting the value to produce the clear text representation.
2 Assignments
0 Petitions
Accused Products
Abstract
The subject matter herein relates to database management systems and, more particularly, compression of encrypted data in database management systems. Various embodiments provide systems, methods, and software that compress encrypted column values stored tables. Some other embodiments include declaring tables with column encrypt and compress attributes.
31 Citations
15 Claims
-
1. A method implemented in a computer-readable storage medium and to execute on a processor for performing the method, comprising:
-
declaring, by the processor, a table in a database management system having one or more columns including an encrypted column with one or more constant values that are to be both encrypted and compressed, some columns are encrypted when an encryption attribute is present, some columns are compressed when a compression attribute is present, and some columns are both encrypted and compressed when both the encryption and compression attribute are present; initializing, by the processor, the declared table, the initialization includes; encrypting, by the processor, each constant value according to an encryption key to produce a cipher text for each constant value when the encryption attribute is present compressing, by the processor, each cipher text when the compression attribute is present; and storing, by the processor, each encrypted, compressed, and encrypted and compressed cipher text in a header of the table; and selecting, by the processor, one or more rows of data from the initialized table;
selecting a row includes;for each column of data to be selected in the row, determining if the column is to be uncompressed and decrypted; and if the column is to be uncompressed and decrypted, retrieving a cipher text value from the table header and decrypting the value to produce the clear text representation. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A system implemented in a computer-readable storage medium and to execute on one or more processors, comprising:
-
a database management system, which is a relational database management system and implemented in a computer-readable medium and to execute on a processor and including a file system, memory, column data encryption and compression services that; service column declaration of table declaration statements including a declaration of a column, the column including an encryption attribute, a compression attribute, or both the encryption and compression attribute indicating that the column is to be both encrypted and compressed, encryption is based on an encryption key; and service column initialization of a declared table where the column is declared to be both encrypted and compressed when both the encryption and compression attributes are present, when the column includes just the compression attribute just compression of the column takes place, and when the column includes just the encryption attribute just encryption of the column takes place, encryption results in a cipher text for each constant that is encrypted and compression results in the cipher text being compressed, both encryption and compression results in the cipher text being both encrypted and compressed, and each compressed cipher text is stored for each constant appearing in data for the column in a header of the table; and selecting, by the processor, one or more rows of data from the initialized table; selecting a row includes; for each column of data to be selected in the row, determining if the column is to be uncompressed and decrypted; and if the column is to be uncompressed and decrypted, retrieving a cipher text value from the table header and decrypting the value to produce the clear text representation. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A computer-readable storage medium, with instructions that execute on a processor and cause the processor to:
-
declare a table in a database management system having one or more columns, some columns compressed, some columns encrypted, and some columns both encrypted and compressed, constant values in the columns are subject to compression, encryption, or both encryption and compression based on attributes associated with the columns; and initialize the declared table, the initialization includes; encrypting each constant value for columns having an encryption attribute according to an encryption key to produce a cipher text for each constant value; compressing each cipher text for each constant value for columns having a compression attribute; and storing each encrypted, compressed, or encrypted and compressed cipher text in a header of the table; and select one or more rows of data from the initialized table, wherein selecting a row includes; for each column of data to be selected in the row, determining if the column is to be uncompressed and decrypted; and if the column is to be uncompressed and decrypted, retrieving a cipher text value from the table header and decrypting the value to produce the clear text representation. header of the table. - View Dependent Claims (12, 13, 14, 15)
-
Specification