MySQL Enterprise Transparent Data Encryption (TDE)

Only available in select Commercial Editions

MySQL Enterprise Transparent Data Encryption (TDE) protects your critical data byenabling data-at-rest encryption in the database. It protects the privacy of your information,prevents data breaches and helps meet regulatory requirements including:

MySQL Enterprise Transparent Data Encryption (TDE)

MySQL Enterprise TDE enables data-at-rest encryption by encrypting the physicalfiles of the database. Data is encrypted automatically, in real time, prior to writingto storage and decrypted when read from storage. As a result, hackers and malicious usersare unable to read sensitive data from tablespace files, database backups or disks. MySQLEnterprise TDE uses industry standard AES algorithms.

MySQL Enterprise TDE uses a two-tier encryption key architecture, consisting of a masterencryption key and tablespace keys providing easy key management and rotation. Tablespace keysare managed automatically over secure protocols while the master encryption key is stored ina centralized key management solution such as:

Oasis KMIP protocol implementations:

MySQL Enterprise TDE also supports HTTPS based APIs for Key Management such as:

MySQL enforces clear separation of keys from encrypted data using these centralized keymanagement solutions automate key rotation and storing historical keys.

Database table encryption and decryption occurs without any additional coding, data type or schema modifications. Also, users and applications continue to access data transparently, without changes. MySQL Enterprise TDE gives developers and DBAs the flexibility to encrypt/decrypt existing MySQL tables that have not already been encrypted.

MySQL Enterprise TDE leverages database caching to achieve high performance and requires zero downtime to implement.

Read the original here:
MySQL Enterprise Transparent Data Encryption (TDE)

Related Post

Comments are closed.