=] any news? 2014-06-20 13:47 GMT-03:00 Roberto Spadim <roberto@spadim.com.br>:
:) very nice I will wait :)
Em sexta-feira, 20 de junho de 2014, Elmar Eperiesi-Beck < elmar@eperiesi-beck.de> escreveu:
1) thats a good point, we will extend our coding to mysql_connect
2) yes, we want to do this with an INSERT statement - a bit more complex, but yes….
We will update the concept paper and come back to you beginning of next week.
Am 20.06.2014 um 16:28 schrieb Roberto Spadim <roberto@spadim.com.br>:
nice, check what i'm thinking about... 1) i start mariadb without keys i start my app here i must check that all tables are 'unlocked' and read to use, we will have a method to this? at mysql_connect i will check if keys are loaded, maybe a SHOW STATUS like 'encryption_keys_loaded' = 1 or 0
2) about externall acess to include encryption/key maybe a sql statment? INSERT INTO mysql.encrypt_keys (key,value) value (1,"abcdefg.....")
just an idea about external key uploading or an external server (no problem)
At startup the keys will be read once and kept in memory. Normaly you are not going to encrypt 1000 tables, because you just encrypt the content
2014-06-20 9:51 GMT-03:00 Elmar Eperiesi-Beck <elmar@eperiesi-beck.de>: that
is confidential. But yes- each key has to be in the memory. Or you use an external encryption/key server that handels the encryption and the key-management outside the DB.
We enhanced the concept, that it is possible to deliver the key manually at server startup. You can have it e.g. on a pendrive and start the server with the keys as a backup.
Am 17.06.2014 um 18:55 schrieb Roberto Spadim <roberto@spadim.com.br>:
humm, now i'm thinking as a data warehouse think about installing a server (server 1) in somewhere (maybe saara desert).... i connect the "server 1" to internet, and configure the server uri to point to my central server (server central), maybe at moon
when the mysqld/mariadbd start, it will contact the central server and get all keys, or only get keys when i need? for example a server with 1000 tables and 1000 diferent keys, they are all stored at memory at boot time, or only when i need read/write access to that table?
if i remove the internet link, the "server 1" will not read tables, right? in this case, if i have the keyfile in a pendrive, or a cd or dvd, could i redirect it to a key file and start database, as a backup solution?
-- Roberto Spadim SPAEmpresarial Eng. Automação e Controle
-- Roberto Spadim SPAEmpresarial Eng. Automação e Controle
-- Roberto Spadim SPAEmpresarial Eng. Automação e Controle