Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-4631

CassandraSE: Encrypted column data type

    XMLWordPrintable

    Details

      Description

      For PCI/DSS it required to store SHA1 keys in a separate server. We can propose Cassandra integration as a remote HA storage holding secret keys.

      Cassandra store in a column family a pre generated dictionary of keys.

      Custom column data type store encrypted values and in a header the key of Cassandra column family.

      On write in the column the Cassandra key should be randomly changed using a function hold in cache for period of time. We re generate the function reading some informations in the status table that should give a level of randomness to avoid dictionary attacks

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned
              Reporter:
              stephane@skysql.com VAROQUI Stephane
              Votes:
              1 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: