Planet MySQL

Displaying posts with tag: Encryption at rest (reset)

Sep

2018

Encryption of the InnoDB System Tablespace and Parallel Doublewrite Buffer

Posted by MySQL Performance Blog on Fri 14 Sep 2018 11:29 UTC
Tags:

Security, encryption, MySQL, Percona Server for MySQL, Encryption at rest, Percona Server 5.7 parallel doublewrite

In my last post I compared data at-rest encryption features available for MySQL and MariaDB. As noted at the time, some of the features available for Percona Server for MySQL were in development, and the latest version (5.7.23) sees two of them released as ALPHA quality.

Encrypting the InnoDB system tablespace

The first of the new features is InnoDB system tablespace encryption via innodb_sys_tablespace_encrypt, which …

[Read more]

Aug

2018

Comparing Data At-Rest Encryption Features for MariaDB, MySQL and Percona Server for MySQL

Posted by MySQL Performance Blog on Thu 23 Aug 2018 17:00 UTC
Tags:

Security, database security, mariadb, mysql security, encryption, Data security, MySQL, Percona Server for MySQL, Cyber Security, MySQL Data at Rest Encryption, MySQL 8.0, Encryption at rest, MySQL Encryption at Rest

Protecting the data stored in your database may have been at the top of your priorities recently, especially with the changes that were introduced earlier this year with GDPR.

There are a number of ways to protect this data, which until not so long ago would have meant either using an encrypted filesystem (e.g. LUKS), or encrypting the data before it is stored in the database (e.g. AES_ENCRYPT or other abstraction within the application). A few years ago, the options started to change, as Alexander Rubin discussed in …

[Read more]

Dec

2017

MySQL Enterprise Transparent Data Encryption (TDE) – provides at-rest encryption for physical InnoDB tablespace data files

Posted by Tony Darnell on Wed 13 Dec 2017 15:27 UTC
Tags:

MySQL Enterprise Edition, MySQL, MySQL Enterprise Backup, Encryption at rest, Transparent Data Encryption

With MySQL version 5.7.11 and up, Oracle continues to improve MySQL’s security features by adding MySQL Enterprise Transparent Data Encryption (TDE) for InnoDB tables stored in innodb_file_per_table tablespaces. This feature provides at-rest encryption for physical tablespace data files.

MySQL Enterprise TDE uses a two-tier encryption key architecture, consisting of a master encryption key and tablespace keys. When an InnoDB table is encrypted, a tablespace key is encrypted with the master key and the encrypted value of the tablespace key is stored in the tablespace header. When encrypting tablespace data, InnoDB transparently uses the master encryption key …

[Read more]

Jun

2017

MySQL Encryption at Rest – Part 2 (InnoDB)

Posted by MySQL Performance Blog on Wed 28 Jun 2017 20:51 UTC
Tags:

Security, innodb, encryption, MySQL, Encryption at rest

Welcome to Part 2 in a series of blog posts on MySQL encryption at rest. This post covers InnoDB tablespace encryption.

At Percona, we work with a number of clients that require strong security measures for PCI, HIPAA and PHI compliance, where data managed by MySQL needs to be encrypted “at rest.” As with all things open source, there several options for meeting the MySQL encryption at rest requirement. In this three-part series, we cover several popular options of encrypting data and present the various pros and cons to each solution. You may want to evaluate which parts of these tutorials work best for your situation before using them in production.

Part one of this series covered …

[Read more]

Top Authors

Oracle MySQL Blogs

Vendor Blogs

MySQL Links