Method and apparatus for facilitating role-based cryptographic key management for a database

US 8,064,604 B2
Filed: 01/09/2007
Issued: 11/22/2011
Est. Priority Date: 04/04/2006
Status: Active Grant

First Claim

Patent Images

1. A method for facilitating role-based cryptographic key management, the method comprising:

receiving a request at a computer system from a first user to perform a cryptographic operation, wherein the first user is a member of a first role, and the first role is a member of a second role that has been granted permission to perform the cryptographic operation, and wherein a second role key associated with the second role is wrapped with a first role key associated with the first role;

receiving a user secret to unwrap a first user key associated with the first user;

using the first user key to unwrap the first role key;

using the first role key to unwrap the second role key;

using the second role key to unwrap a data key and a permission, wherein the data key is a column key used to perform cryptographic operations on a column, a row, or a cell, within a database, and wherein the permission specifies cryptographic operations applicable to the second role; and

responsive to the applicable permission, using the data key to perform the cryptographic operation.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

One embodiment of the present invention provides a system that facilitates role-based cryptographic key management. The system operates by receiving a request at a database server from a user to perform a cryptographic operation on data on the database server, wherein the user is a member of a role, and wherein the role has been granted permission to perform the cryptographic operation on the data. Next, the system receives from the user at the database server a user key, which is associated with the user. The system then unwraps a wrapped role key with the user key to obtain a role key, which is associated with the role. Next, the system unwraps a wrapped data key with the role key to obtain a data key, which is used to encrypt and decrypt the data. Finally, the system uses the data key to perform the cryptographic operation on the data.

26 Citations

View as Search Results

19 Claims

1. A method for facilitating role-based cryptographic key management, the method comprising:
- receiving a request at a computer system from a first user to perform a cryptographic operation, wherein the first user is a member of a first role, and the first role is a member of a second role that has been granted permission to perform the cryptographic operation, and wherein a second role key associated with the second role is wrapped with a first role key associated with the first role;
  
  receiving a user secret to unwrap a first user key associated with the first user;
  
  using the first user key to unwrap the first role key;
  
  using the first role key to unwrap the second role key;
  
  using the second role key to unwrap a data key and a permission, wherein the data key is a column key used to perform cryptographic operations on a column, a row, or a cell, within a database, and wherein the permission specifies cryptographic operations applicable to the second role; and
  
  responsive to the applicable permission, using the data key to perform the cryptographic operation.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, further comprising adding a second user to the first role by:
    - receiving, at the computer system, a second user key associated with the second user;
      
      receiving a command to add the second user to the first role; and
      
      in response to the command, wrapping the first role key with the second user key.
  - 3. The method of claim 2, wherein the second user key is an asymmetric key, wherein a public key portion of the second user key is stored on the computer system, and wherein the second user is added to the first role while the second user is offline by using the public key portion of the second user key.
  - 4. The method of claim 3, wherein the public key portion of the second user key is protected by at least one of:
    - a certificate;
      
      a digital signature;
      
      a server key; and
      
      an administrator key.
  - 5. The method of claim 1, further comprising granting permission to the first role to perform the cryptographic operation on the data by:
    - receiving a command to grant permission to the first role to perform the cryptographic operation on the data; and
      
      in response to the command, wrapping the data key with the first role key.
  - 6. The method of claim 1, further comprising granting membership in the first role to a third role by:
    - receiving a command to grant membership in the first role to the third role; and
      
      in response to the command, wrapping the first role key with a third role key associated with the third role.
  - 7. The method of claim 1, wherein the first role key and the data key are not revealed outside of the computer system.
  - 8. The method of claim 1, further comprising removing the first user from the first role by deleting the first wrapped role key that is wrapped with the first user key associated with the first user.
  - 9. The method of claim 1, further comprising revoking from the first role ability to perform cryptographic operations on the data by deleting the first wrapped data key that is wrapped with the first role key associated with the first role.

10. A non-transitory computer readable storage medium storing instructions that when executed by a computer cause the computer to perform a method for facilitating role-based cryptographic key management, the method comprising:
- receiving a request at a computer system for a first user to perform a crypto graphic operation, where the first user is member of a first role, and the first role is a member of a second role that has been granted permission to perform the cryptographic operation, and wherein a second role key associated with the second role is wrapped with a first role key associated with the first role;
  
  receiving a user secret to unwrap a first user key associated with the first user;
  
  using the first user key to unwrap the first role key;
  
  using the first role key to unwrap the second role key;
  
  using the second role key to unwrap a data key and a permission, wherein the data key is a column key used to perform cryptographic operations on a column, a row, or a cell, within a database, and wherein the permission specifies cryptographic operations applicable to the second role; and
  
  responsive to the applicable permission, using the data key to perform the cryptographic operation.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The non-transitory computer-readable storage medium of claim 10, wherein the method further comprises adding a second user to the first role by:
    - receiving, at a computer system, a second user key associated with the second user;
      
      receiving a command to add the second user to the first role; and
      
      in response to the command, wrapping the first role key with the second user key.
  - 12. The non-transitory computer-readable storage medium of claim 11, wherein the second user key is an asymmetric key, wherein a public key portion of the second user key is stored on the computer system, and wherein the second user is added to the first role while the second user is offline by using the public key portion of the second user key.
  - 13. The non-transitory computer-readable storage medium of claim 12, wherein the public key portion of the second user key is protected by at least one of:
    - a certificate;
      
      a digital signature;
      
      a server key; and
      
      an administrator key.
  - 14. The non-transitory computer-readable storage medium of claim 10, wherein the method further comprises granting permission to the first role to perform the cryptographic operation on the data by:
    - receiving a command to grant permission to the first role to perform the cryptographic operation on the data; and
      
      in response to the command, wrapping the data key with the first role key.
  - 15. The non-transitory computer-readable storage medium of claim 10, wherein the method further comprises granting membership in the first role to a third role by:
    - receiving a command to grant membership in the first role to the third role; and
      
      in response to the command, wrapping the first role key with a third role key associated with the third role.
  - 16. The non-transitory computer-readable storage medium of claim 10, wherein the first role key and the data key are not revealed outside of the computer system.
  - 17. The non-transitory computer-readable storage medium of claim 10, wherein the method further comprises removing the first user from the first role by deleting the first wrapped role key that is wrapped with the first user key associated with the first user.
  - 18. The non-transitory computer-readable storage medium of claim 10, wherein the method further comprises revoking from the first role ability to perform cryptographic operations on the data by deleting the first wrapped data key that is wrapped with the first role key associated with the first role.

19. An apparatus configured to facilitate role based cryptographic key management, comprising:
- A processor;
  
  A receiving mechanism coupled to the processor and configured to receive a request from a user to perform a cryptographic operation on data at a computer system, wherein the user is a member of a first role, and the first role is a member of a second role that, role has been granted permission to perform the cryptographic operation, and wherein a second role key associated with the second role is wrapped with a first role key associated with the first role;
  
  wherein the receiving mechanism is further configured to receive from the user a user secret to unwrap a first user key associated with the first user;
  
  a cryptographic mechanism configured to use the first user key to unwrap the first role key;
  
  wherein cryptographic mechanism is further configured to use the first role key to unwrap the second role key;
  
  wherein cryptographic mechanism is further configured to use second role key to unwrap a data key and a permission, wherein the data key is a column key used to perform cryptographic operations on a column, a row, or a cell, within a database, and wherein the permission specifies cryptographic operations applicable to the second role; and
  
  wherein cryptographic mechanism is further configured to use the data key to perform the cryptographic operation responsive to the applicable permission.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle International Corporation (Oracle Corporation)
Inventors
Youn, Paul
Primary Examiner(s)
Dada; Beemnet
Assistant Examiner(s)
BEHESHTI SHIRAZI, SAYED ARESH

Application Number

US11/651,283
Publication Number

US 20070230706A1
Time in Patent Office

1,778 Days
Field of Search

380/277, 705/71
US Class Current

380/277
CPC Class Codes

G06Q 20/3829   involving key management

H04L 2463/062   applying encryption of the ...

H04L 63/0428   wherein the data content is...

H04L 63/06   for supporting key manageme...

H04L 9/0822   using key encryption key

H04L 9/083   involving central third par...

Method and apparatus for facilitating role-based cryptographic key management for a database

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

26 Citations

19 Claims

Specification

Use Cases

Quick Links

Others

Method and apparatus for facilitating role-based cryptographic key management for a database

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

26 Citations

19 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others