Protection of encryption keys in a database

US 9,158,933 B2
Filed: 05/12/2009
Issued: 10/13/2015
Est. Priority Date: 08/17/2007
Status: Active Grant

First Claim

Patent Images

1. A method for protecting encryption keys in a database, comprising:

receiving a first password at a database server from a first individual entity, wherein said database server is associated with said database;

receiving a second password at said database server from a second individual entity;

generating, by at least one microprocessor, a first key, wherein said first key is protected using said first password;

generating a second key, wherein said second key is protected using said second password;

encrypting a third key using said second key to generate an encrypted third key, said third key being included in said encryption keys of said database; and

encrypting said encrypted third key using said first key, wherein use of said third key requires said first password to be provided to said database server by said first individual entity and said second password to be provided to said database server by said second individual entity, said first password being received at said database server separately and independently of said second password, said first individual entity being different and independent from said second individual entity, and said database server enforcing ownership of said first key by said first individual entity and enforcing ownership of said second key by said second individual entity.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

System, method, computer program product embodiments and combinations and sub-combinations thereof for protection of encryption keys in a database are described herein. An embodiment includes a master key and a dual master key, both of which are used to encrypt encryption keys in a database. To access encrypted data, the master key and dual master key must be supplied to a database server by two separate entities, thus requiring dual control of the master and dual master keys. Furthermore, passwords for the master and dual master keys must be supplied separately and independently, thus requiring split knowledge to access the master and dual master keys. In another embodiment, a master key and a key encryption key derived from a user password is used for dual control. An embodiment also includes supplying the secrets for the master key and dual master key through server-private files.

65 Citations

View as Search Results

24 Claims

1. A method for protecting encryption keys in a database, comprising:
- receiving a first password at a database server from a first individual entity, wherein said database server is associated with said database;
  
  receiving a second password at said database server from a second individual entity;
  
  generating, by at least one microprocessor, a first key, wherein said first key is protected using said first password;
  
  generating a second key, wherein said second key is protected using said second password;
  
  encrypting a third key using said second key to generate an encrypted third key, said third key being included in said encryption keys of said database; and
  
  encrypting said encrypted third key using said first key, wherein use of said third key requires said first password to be provided to said database server by said first individual entity and said second password to be provided to said database server by said second individual entity, said first password being received at said database server separately and independently of said second password, said first individual entity being different and independent from said second individual entity, and said database server enforcing ownership of said first key by said first individual entity and enforcing ownership of said second key by said second individual entity.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, wherein said generating, by the at least one microprocessor, said first key comprises:
    - receiving a command to create said first key; and
      
      receiving said first password.
  - 3. The method of claim 1, further comprising:
    - configuring the database server in an automatic master key access mode.
  - 4. The method of claim 3, wherein said configuring comprises:
    - enabling automatic master key access for said database server; and
      
      creating automatic access key copies for said first key and said second key.
  - 5. The method of claim 4, further comprising:
    - creating a key encryption key from random data;
      
      encrypting a master key automatic access copy using said key encryption key; and
      
      storing said key encryption key in a server-private master key startup file.
  - 6. The method of claim 1, further comprising:
    - initializing the database server in an automatic master key access mode.
  - 7. The method of claim 6, wherein said initializing comprises:
    - reading a key encryption key of a master key copy from a master key startup file; and
      
      decrypting a master key automatic access copy using said key encryption key.
  - 8. The method of claim 1, further comprising:
    - altering said first password from a first string to a second string.
  - 9. The method of claim 8, wherein said altering comprises:
    - receiving said first string;
      
      receiving said second string; and
      
      receiving a command to alter said first key.
  - 10. The method of claim 1, further comprising:
    - recovering said first key and said second key.
  - 11. The method of claim 1, further comprising:
    - regenerating said first key and said second key.
  - 12. The method of claim 11, wherein said regenerating comprises:
    - replacing a raw key value of said first key and said second key with a new raw key value; and
      
      re-encrypting said third key with regenerated first and second keys.
  - 13. The method of claim 1, further comprising:
    - updating a master key startup file.

14. A database server configured to protect encryption keys in a database, comprising:
- a microprocessor; and
  
  a memory in communication with said microprocessor, said memory storing a plurality of processing instructions, wherein said plurality of instructions direct said microprocessor to;
  
  receive a first password at said database server from a first individual entity;
  
  receive a second password at said database server from a second individual entity;
  
  generate a first key, wherein said first key is protected using said first password;
  
  generate a second key, wherein said second key is protected using said second password;
  
  encrypt a third key using said second key to generate an encrypted third key, said third key being included in said encryption keys of said database; and
  
  encrypt said encrypted third key using said first key, wherein use of said third key requires said first password to be provided to said database server by said first individual entity and said second password to be provided to said database server by said second individual entity, said first password being received at said database server separately and independently of said second password, said first individual entity being different and independent from said second individual entity, and said database server enforcing ownership of said first key by said first individual entity and enforcing ownership of said second key by said second individual entity.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23)
- - 15. The system of claim 14, wherein said database server includes a key management module.
  - 16. The system of claim 14, wherein said first key and said second key are database level keys.
  - 17. The system of claim 14, wherein said first and said second key are key encryption keys (KEKs) for user created keys.
  - 18. The system of claim 17, wherein said plurality of instructions direct said microprocessor to use said first key in combination with said second key as a composite key to provide dual control and split knowledge for said user created keys.
  - 19. The system of claim 14, wherein said memory is configured to store at least a portion of a system table of said database, said first key being defined in said system table.
  - 20. The system of claim 14, wherein said database server is configurable to operate in an automatic master key access mode.
  - 21. The system of claim 20, wherein said plurality of instructions direct said microprocessor to create a master key startup file for said automatic master key access mode.
  - 22. The system of claim 21, wherein said plurality of instructions direct said microprocessor to read in external master key encryption keys (MKEKs) for said first key for all databases from said master key startup file into server memory.
  - 23. The system of claim 21, wherein said plurality of instructions direct said microprocessor to create said master key startup file as a read only file.

24. A non-transitory computer program product having control logic stored therein, said control logic enabling a microprocessor to protect encryption keys in a database according to a method, said method comprising:
- receiving a first password at a database server from a first individual entity, wherein said database server is associated with said database;
  
  receiving a second password at said database server from a second individual entity;
  
  generating a first key, wherein said first key is protected using said first password;
  
  generating a second key, wherein said second key is protected using said second password;
  
  encrypting a third key using said second key to generate an encrypted third key, said third key being included in said encryption keys of said database; and
  
  encrypting said encrypted third key using said first key, wherein use of said third key requires said first password to be provided to said database server by said first individual entity and said second password to be provided to said database server by said second individual entity, said first password being received at said database server separately and independently of said second password, said first individual entity being different and independent from said second individual entity, and said database server enforcing ownership of said first key by said first individual entity and enforcing ownership of said second key by said second individual entity.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sybase Incorporated (SAP SE)
Original Assignee
Sybase Incorporated (SAP SE)
Inventors
Banks, Barbara Jane, Chitkara, Rajnish Kumar, Chen, Shiping
Primary Examiner(s)
KIM, TAE K

Application Number

US12/464,617
Publication Number

US 20100290623A1
Time in Patent Office

2,345 Days
Field of Search

713/194, 713/182, 713/183, 380/279, 380/281, 380/44, 380/45, 380/46, 380/47, 380/277, 380/278, 380/282, 380/283, 380/284, 380/285, 380/286, 726/2, 726/3, 726/4, 726/5, 726/6, 726/26, 726/27, 726/28
US Class Current

1/1
CPC Class Codes

G06F 21/6227   where protection concerns t...

H04L 9/085   Secret sharing or secret sp...

H04L 9/0863   involving passwords or one-...

H04L 9/0891   Revocation or update of sec...

H04L 9/0894   Escrow, recovery or storing...

Protection of encryption keys in a database

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

65 Citations

24 Claims

Specification

Use Cases

Quick Links

Others

Protection of encryption keys in a database

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

65 Citations

24 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others