Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-4631

CassandraSE: Encrypted column data type

    Details

      Description

      For PCI/DSS it required to store SHA1 keys in a separate server. We can propose Cassandra integration as a remote HA storage holding secret keys.

      Cassandra store in a column family a pre generated dictionary of keys.

      Custom column data type store encrypted values and in a header the key of Cassandra column family.

      On write in the column the Cassandra key should be randomly changed using a function hold in cache for period of time. We re generate the function reading some informations in the status table that should give a level of randomness to avoid dictionary attacks

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                stephane@skysql.com VAROQUI Stephane
              • Votes:
                1 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: