How to store the key for an encrypted mysql database (MariaDB)?


Warning: count(): Parameter must be an array or an object that implements Countable in /home/styllloz/public_html/qa-theme/donut-theme/qa-donut-layer.php on line 274
0 like 0 dislike
25 views
Want to encrypt sensitive data in certain database tables (in my case MariaDB). But there are questions:
1. How to store encryption keys, for example, in the files?
Ie it is clear that you can throw on the disc, but in the event of a compromise of access together with the base leaked key.
I think that is probably more correct before running database to connect to some remote network resource (folder), which is the key, start the database and after startup to unmount this share. Right thoughts?

2. Like in the manual they write that you can use the AWS KMS, but it is also not clear as is the case with the access key intruders have access to the server. Or AWS KMS is some kind of protection on the number of requests for the key and/or a time limit? Sorry never worked with KMS.

3. How are things with replication of encrypted data? For the slave uses the same key as the master?

PS. It is about the standard encryption by the database itself, not using encryption in sql queries.
by | 25 views

2 Answers

0 like 0 dislike
Ie it is clear that you can throw on the disc, but in the event of a compromise of access together with the base leaked key.

In almost any case of serious compromise will be made available ways to get for example in the source code of the website/somewhere else and get the key, so all the encryption did not really provide in terms of security to me.
Whether it is hashing, but in the case of data which must be read is not suitable :)
by
0 like 0 dislike
I agree with Alexander Arsentiev
The protection is only in the absence of the ability to do it from the server


better to plug the approaches to the server from prying
by

Related questions

0 like 0 dislike
1 answer
Than or as an encrypted message?
asked May 20, 2019 by nikel_haker
0 like 0 dislike
5 answers
Is it possible to seamlessly encrypt an already encrypted file?
asked May 21, 2019 by Last_Loner
0 like 0 dislike
6 answers
How can you encrypt data in a MySQL database?
asked May 20, 2019 by Zerpico
0 like 0 dislike
2 answers
What the algorithm encrypted passwords from FTP in Total commander?
asked Aug 9, 2019 by yarhosting
0 like 0 dislike
1 answer
What the algorithm encrypted passwords from FTP in Notepad++?
asked Aug 9, 2019 by yarhosting

Most popular tags

javascript php css html jquery wordpress python linux web-development mysql android windows java layout c# computer-networks node.js cpp iron yii vue.js 1C-Bitrix react laravel django nginx system-administration search-engine-optimization api ubuntu the-it-education. ajax sql programming hosting cms design apache google-chrome bootstrap Vkontakte macos google network-administration git laptops algorithms regular-expressions unity-game-engine email angular database network-equipment software wooсommerce debian .net ios information-security video law-in-it browsers books parsing wi-fi game-development career htaccess postgresql telegram mikrotik mobile-development ruby-on-rails the-domain-name-system modx Yandex c json opencart Habr freelance vpn asp.net windows-server symfony bots hard-drives math qt DIY audio frontend payment-system bash electronics gulp.js user-interface docker online-shopping
110,608 questions
257,187 answers
0 comments
40,796 users