
maria-developers team mailing list archive

Re: [Maria-discuss] MariaDB encryption

 

=] any news?

2014-06-20 13:47 GMT-03:00 Roberto Spadim <roberto@xxxxxxxxxxxxx>:

> :) very nice
> I will wait :)
>
> On Friday, June 20, 2014, Elmar Eperiesi-Beck <
> elmar@xxxxxxxxxxxxxxxx> wrote:
>
>> 1) that's a good point, we will extend our coding to mysql_connect
>>
>> 2) yes, we want to do this with an INSERT statement - a bit more complex,
>> but yes….
>>
>> We will update the concept paper and come back to you beginning of next
>> week.
>>
>>
>> On 20.06.2014 at 16:28, Roberto Spadim <roberto@xxxxxxxxxxxxx> wrote:
>>
>> > nice, check what i'm thinking about...
>> > 1)
>> > i start mariadb without keys
>> > i start my app
>> >   here i must check that all tables are 'unlocked' and ready to use,
>> > we will have a method to this? at mysql_connect i will check if keys
>> > are loaded, maybe a SHOW STATUS like 'encryption_keys_loaded' = 1 or 0
>> >
>> > 2)
>> > about external access to include encryption/key
>> > maybe a sql statement?
>> > INSERT INTO mysql.encrypt_keys (key,value) value (1,"abcdefg.....")
>> >
>> > just an idea about external key uploading
>> > or an external server (no problem)
>> >
>> >
>> >
>> >
>> >
>> > 2014-06-20 9:51 GMT-03:00 Elmar Eperiesi-Beck <elmar@xxxxxxxxxxxxxxxx>:
>> >> At startup the keys will be read once and kept in memory. Normally you are
>> >> not going to encrypt 1000 tables, because you just encrypt the content that
>> >> is confidential. But yes - each key has to be in the memory. Or you use an
>> >> external encryption/key server that handles the encryption and the
>> >> key-management outside the DB.
>> >>
>> >> We enhanced the concept, that it is possible to deliver the key manually at
>> >> server startup. You can have it e.g. on a pendrive and start the server with
>> >> the keys as a backup.
>> >>
>> >>
>> >>
>> >> On 17.06.2014 at 18:55, Roberto Spadim <roberto@xxxxxxxxxxxxx> wrote:
>> >>
>> >> humm, now i'm thinking as a data warehouse
>> >> think about installing a server (server 1) in somewhere (maybe Sahara
>> >> desert).... i connect the "server 1" to internet, and configure the server
>> >> uri to point to my central server (server central), maybe at moon
>> >>
>> >> when the mysqld/mariadbd start, it will contact the central server and get
>> >> all keys, or only get keys when i need? for example a server with 1000
>> >> tables and 1000 different keys, they are all stored at memory at boot time,
>> >> or only when i need read/write access to that table?
>> >>
>> >> if i remove the internet link, the "server 1" will not read tables, right?
>> >> in this case, if i have the keyfile in a pendrive, or a cd or dvd, could i
>> >> redirect it to a key file and start database, as a backup solution?
>> >>
>> >>
>> >>
>> >
>> >
>> >
>> > --
>> > Roberto Spadim
>> > SPAEmpresarial
>> > Eng. Automação e Controle
>>
>>
>
> --
> Roberto Spadim
> SPAEmpresarial
> Eng. Automação e Controle
>
>


-- 
Roberto Spadim
SPAEmpresarial
Eng. Automação e Controle
