CN117714034A - Management method, storage medium and equipment for transaction log key - Google Patents


Publication number
CN117714034A
Authority
CN
China
Prior art keywords
transaction log
key
xlog
log
transaction
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211091326.0A
Other languages
Chinese (zh)
Inventor
沈志伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Kingbase Information Technologies Co Ltd
Original Assignee
Beijing Kingbase Information Technologies Co Ltd
Application filed by Beijing Kingbase Information Technologies Co Ltd
Priority to CN202211091326.0A
Publication of CN117714034A

Landscapes

  • Storage Device Security (AREA)

Abstract

The present invention relates to database technologies, and in particular to a method, a storage medium, and an apparatus for managing transaction log keys. The method for managing a transaction log key comprises the following steps: after a transaction log tool outside a database cluster is started, acquiring a key file that stores the ciphertext of a transaction log key; when an encrypted transaction log is read, acquiring the ciphertext of the transaction log key from the key file; and decrypting the ciphertext of the transaction log key in a preset decryption manner to obtain the plaintext of the transaction log key. The method solves the problem that the transaction log key is difficult to acquire outside the database cluster, and improves the accuracy of acquiring the transaction log key outside the database cluster.

Description

Management method, storage medium and equipment for transaction log key
Technical Field
The present invention relates to database technologies, and in particular, to a method, a storage medium, and an apparatus for managing transaction log keys.
Background
In a KingbaseES database (KES database for short), the transaction log is the XLOG log (also called the WAL log). The database system records every update operation of every transaction in XLOG log files before the update is applied to the KES database. If the XLOG log is not encrypted, an unauthorized party who obtains an XLOG log containing sensitive user data can recover that data through a simple XLOG log replay operation, which leaks user information. Therefore, to prevent user information from leaking through the XLOG log, the XLOG log needs to be encrypted with an XLOG log key.
Once the XLOG logs are encrypted, they may need to be decrypted within the current KES database cluster and possibly in other environments. The XLOG log key is relatively easy to obtain when decryption is performed by the current KES database cluster. But if an encrypted XLOG log generated by the current cluster is copied to another environment for decryption, obtaining the XLOG log key becomes a challenge.
Some existing offline decryption methods determine a master key for the file to be decrypted according to the level of that file, and thereby obtain the key indirectly. However, these methods cannot acquire the key directly, and the acquired result may be inaccurate.
Therefore, how to design a management method that is suitable for obtaining XLOG log keys both in a KES database cluster and outside the KES database cluster becomes a problem to be solved.
Disclosure of Invention
An object of the present invention is to provide a method for managing a transaction log key that accurately obtains the transaction log key outside a database cluster, so that subsequent decryption operations proceed smoothly.
It is a further object of the present invention to increase the convenience of obtaining transaction log keys and thereby increase the processing speed of decryption operations.
It is a further object of the invention to improve the security of transaction log keys.
In particular, the present invention provides a method for managing transaction log keys, comprising:
after a transaction log tool outside a database cluster is started, acquiring a key file storing the ciphertext of a transaction log key;
when an encrypted transaction log is read, acquiring the ciphertext of the transaction log key from the key file;
and decrypting the ciphertext of the transaction log key in a preset decryption manner to obtain the plaintext of the transaction log key.
Optionally, before the transaction log tool outside the database cluster starts, the method for managing the transaction log key further includes:
storing the key file into a transaction log decryption environment of the transaction log tool in response to a copy operation for the key file; and
the step of obtaining a key file storing the ciphertext of the transaction log key comprises:
acquiring a storage path of a key file in response to an input operation for the storage path of the key file;
and searching to obtain the key file according to the storage path of the key file.
Optionally, after the transaction log tool outside the database cluster is started, the method for managing the transaction log key further comprises:
acquiring a preset primary key; and
the step of decrypting the ciphertext of the transaction log key in a preset decryption manner comprises:
the ciphertext of the transaction log key is decrypted using the primary key.
Optionally, the primary key is preset and obtained when a database system initialization data cluster command is executed; and
the ciphertext of the transaction log key is obtained by:
after the primary key is obtained, enabling a transaction log encryption function;
generating a transaction log key;
the transaction log key is encrypted using the primary key.
Optionally, the transaction log key is used to encrypt the unencrypted transaction log and to decrypt the encrypted transaction log, and the plurality of transaction logs generated within the same database cluster are encrypted/decrypted by the same transaction log key.
Optionally, after the step of obtaining the plaintext of the transaction log key, the method for managing the transaction log key further includes:
the encrypted transaction log is decrypted using the plaintext of the transaction log key.
Optionally, before the step of obtaining the ciphertext of the transaction log key from the key file in the case of reading the encrypted transaction log, the transaction log key management method further includes:
acquiring a transaction log in a transaction log decryption environment of a transaction log tool;
determining whether the acquired transaction log contains a preset transaction log encryption flag;
if yes, determining that an encrypted transaction log has been read.
Optionally, after the step of determining whether the acquired transaction log contains the preset transaction log encryption flag, the transaction log key management method further includes:
when none of the acquired transaction logs contains the preset transaction log encryption flag, determining that no encrypted transaction log has been read;
and skipping the decryption operation on the ciphertext of the transaction log key.
According to another aspect of the present invention, there is also provided a machine-readable storage medium having stored thereon a machine-executable program which, when executed by a processor, implements a method of managing transaction log keys of any of the above.
According to still another aspect of the present invention, there is also provided a computer device including a memory, a processor, and a machine executable program stored on the memory and running on the processor, and the processor implementing a method of managing transaction log keys of any of the above when executing the machine executable program.
With the method for managing a transaction log key of the present invention, after the transaction log tool outside the database cluster is started, the key file storing the ciphertext of the transaction log key is acquired. When an encrypted transaction log is read, the ciphertext of the transaction log key is acquired from the key file and decrypted in a preset decryption manner to obtain the plaintext of the transaction log key. The transaction log key can therefore be obtained accurately outside the database cluster, and subsequent decryption operations proceed smoothly.
Further, before the transaction log tool outside the database cluster is started, the key file is stored in the transaction log decryption environment of the transaction log tool in response to a copy operation for the key file. This ensures that the key file is already present in the transaction log decryption environment and makes the transaction log key more convenient to acquire. The method can also acquire the storage path of the key file in response to an input operation for that path and locate the key file according to it, which further improves the speed and accuracy of acquiring the key file and therefore the processing speed of the decryption operation.
Furthermore, after the transaction log tool outside the database cluster is started, the preset primary key is acquired and used to decrypt the ciphertext of the transaction log key. This protects the transaction log key, improves the security of acquiring it, and improves the security of the decryption operation.
The above, as well as additional objectives, advantages, and features of the present invention will become apparent to those skilled in the art from the following detailed description of a specific embodiment of the present invention when read in conjunction with the accompanying drawings.
Drawings
Some specific embodiments of the invention will be described in detail hereinafter by way of example and not by way of limitation with reference to the accompanying drawings. The same reference numbers will be used throughout the drawings to refer to the same or like parts or portions. It will be appreciated by those skilled in the art that the drawings are not necessarily drawn to scale. In the accompanying drawings:
FIG. 1 is a flow diagram of a method of transaction log key management according to one embodiment of the invention;
FIG. 2 is a schematic diagram of the structure of a transaction log in a method for managing transaction log keys according to one embodiment of the invention;
FIG. 3 is a schematic diagram of a transaction log structure in a method for managing transaction log keys according to another embodiment of the present invention;
FIG. 4 is a flow diagram of a method of transaction log key management according to another embodiment of the invention;
FIG. 5 is a flow diagram of a method of transaction log key management in accordance with yet another embodiment of the present invention;
FIG. 6 is a schematic diagram of a machine-readable storage medium according to one embodiment of the invention; and
FIG. 7 is a schematic structural diagram of a computer device according to an embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present invention will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present invention are shown in the drawings, it should be understood that the present invention may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the invention to those skilled in the art.
To solve the above technical problems, an embodiment of the present invention provides a method for managing transaction log keys. FIG. 1 is a schematic flow diagram of a method of managing transaction log keys according to one embodiment of the invention. The method may generally include:
Step S102, after a transaction log tool outside a database cluster is started, acquiring a key file storing the ciphertext of a transaction log key;
Step S104, when an encrypted transaction log is read, acquiring the ciphertext of the transaction log key from the key file;
Step S106, decrypting the ciphertext of the transaction log key in a preset decryption manner to obtain the plaintext of the transaction log key.
With the method for managing a transaction log key of the present invention, after the transaction log tool outside the database cluster is started, the key file storing the ciphertext of the transaction log key is acquired. When an encrypted transaction log is read, the ciphertext of the transaction log key is acquired from the key file and decrypted in a preset decryption manner to obtain the plaintext of the transaction log key. The transaction log key can therefore be obtained accurately outside the database cluster, and subsequent decryption operations proceed smoothly.
Specifically, KingbaseES refers to the KingbaseES database management system, which is a general-purpose relational database management system. Those skilled in the art will recognize that in some alternative embodiments the transaction log key management method of the present invention may be applied to KES databases, and in other alternative embodiments it may be applied to other relational databases. For the KES database, the transaction log is the XLOG log, and multiple XLOG logs are generated while the KES database is running. On this basis, the transaction log key refers to an XLOG log key used to encrypt an unencrypted XLOG log and to decrypt an encrypted XLOG log. Specifically, for the multiple XLOG logs generated while the KES database is running, the same XLOG log key may be used to encrypt and decrypt the XLOG logs within the same KES database cluster. The key file refers to an XLOG key file that records the XLOG log keys of the XLOG logs generated in the KES database. The transaction log tool refers to an XLOG tool that reads XLOG logs outside of the KES database cluster and needs to decrypt encrypted XLOG logs. In addition, the transaction log tools outside of the KES database cluster may include some offline XLOG tools.
In one embodiment, before the step S102, the transaction log key management method of the present invention may further include the steps of: in response to a copy operation for the XLOG key file, the XLOG key file is stored into an XLOG log decryption environment of the XLOG tool. That is, for some offline XLOG tools, the corresponding XLOG key file needs to be copied into the XLOG log decryption environment prior to startup in order to obtain the XLOG key file offline.
With the transaction log key management method of the present invention, before the XLOG tool outside the KES database cluster is started, the XLOG key file is stored in the XLOG log decryption environment of the XLOG tool in response to a copy operation for the XLOG key file. This ensures that the XLOG key file is already present in the XLOG log decryption environment and makes the XLOG log key more convenient to acquire.
In some embodiments, the step of obtaining the key file storing the ciphertext of the transaction log key in step S102 may include the following steps: acquiring the storage path of the XLOG key file in response to an input operation for the storage path of the XLOG key file; and locating the XLOG key file according to the storage path of the XLOG key file. That is, after the offline XLOG tool is started, the storage path of the XLOG key file must be input, and once the user or machine has input the storage path, the XLOG key file can be obtained directly from that path.
With the transaction log key management method of the present invention, the storage path of the XLOG key file can be acquired in response to an input operation for that path, and the XLOG key file is located according to it. This further improves the speed and accuracy of acquiring the XLOG key file and therefore the processing speed of the decryption operation.
In some embodiments, in step S102, after the transaction log tool outside the database cluster is started, the method for managing transaction log keys according to the present invention may further include the following step: acquiring a preset primary key. Specifically, the step of acquiring the preset primary key may be performed as: acquiring the primary key in response to a primary key input operation. In some embodiments, the primary key may be preset and obtained when the KES database system initialization data cluster command is executed. That is, after the XLOG logs are copied to the offline XLOG tool, starting the offline XLOG tool requires knowing the primary key that the KES database which generated these XLOG logs set in advance when executing the KES system initialization data cluster (initdb) command.
In some embodiments, the ciphertext of the XLOG log key may be obtained by: after the primary key is obtained, an XLOG log encryption function is started; generating an XLOG log key; the XLOG log key is encrypted using a primary key. Next, a description will be given of a process of generating ciphertext of an XLOG log key in combination with a partial flow of a write flow of an XLOG log in a KES system.
In a specific embodiment, the writing process of the XLOG log may at least include the following steps: judging whether a primary key is set or not when a KES database system initialization data cluster command is executed; if not, the XLOG log encryption function is not started, and the encryption operation is skipped; if yes, an XLOG log encryption function is started, and an XLOG log key is randomly generated; encrypting the XLOG log key by using the primary key to obtain a ciphertext of the XLOG log key; the ciphertext of the XLOG log key is stored in an XLOG key file.
On this basis, the step of decrypting the ciphertext of the XLOG log key in the preset decryption manner in step S106 may be specifically performed as follows: the ciphertext of the XLOG log key is decrypted using the primary key.
With the transaction log key management method of the present invention, after the XLOG tool outside the KES database cluster is started, the preset primary key is acquired and used to decrypt the ciphertext of the XLOG log key. This protects the XLOG log key, improves the security of acquiring it, and improves the security of the decryption operation.
In some embodiments, after the step S106, the transaction log key management method of the present invention may further include the steps of: the encrypted XLOG log is decrypted using the plaintext of the XLOG log key. Thus, the decryption operation of the encrypted XLOG log by the XLOG log decryption environment outside the KES database cluster is completed.
In some embodiments, before step S104, the method for managing transaction log keys according to the present invention may further include the following steps: acquiring an XLOG log in the XLOG log decryption environment of the XLOG tool; determining whether the acquired XLOG log contains a preset XLOG log encryption flag; and if yes, determining that an encrypted XLOG log has been read. That is, the offline XLOG tool decides whether an encrypted XLOG log has been read according to whether the XLOG log it read contains the XLOG log encryption flag.
In addition, after the step of determining whether the acquired XLOG log contains the preset XLOG log encryption flag, the transaction log key management method of the present invention may further include the following steps: when none of the acquired XLOG logs contains the preset XLOG log encryption flag, determining that no encrypted XLOG log has been read; and skipping the decryption operation on the ciphertext of the XLOG log key. The step of determining whether the acquired XLOG log contains the preset XLOG log encryption flag is described below with reference to FIG. 2 and FIG. 3.
FIG. 2 is a schematic diagram of the structure of a transaction log in a method for managing transaction log keys according to one embodiment of the invention. As shown in FIG. 2, the unencrypted XLOG log includes an XLOG log header and an XLOG log data area. Specifically, the XLOG log data area includes a plurality of block data areas and a main data area, and the XLOG log header includes an XLogRecord structure, the header data of each block data area, and the header data of the main data area.
For an unencrypted XLOG log, the one byte after the XLogRecord structure can only hold one of the following values: 1 to 32, 255, 254, or 253. Specifically, when the byte after the XLogRecord structure is the header data of a block data area, it may hold the id number of the block, which is any one of 1 to 32; when the length of the main data area of the XLOG log is less than or equal to 255, the byte holds 255; when the length of the main data area of the XLOG log is greater than 255, the byte holds 254; and when the copy source is recorded in the XLOG log, the byte holds 253.
FIG. 3 is a schematic diagram of a transaction log structure in a method for managing transaction log keys according to another embodiment of the present invention. As shown in FIG. 3, the encrypted XLOG log includes an XLOG log header and an XLOG log data area. Unlike the unencrypted XLOG log, the encrypted XLOG log has one additional byte after the XLogRecord structure, and the preset XLOG log encryption flag is written in that added byte. The preset XLOG log encryption flag may be chosen as a value different from every value that can be read in the one byte after the XLogRecord structure of an unencrypted XLOG log as described above. As shown in FIG. 3, the preset XLOG log encryption flag may be set to 252.
On this basis, whether an encrypted XLOG log has been read can be determined according to whether the one byte after the XLogRecord structure of the XLOG log that was read holds the preset XLOG log encryption flag. Specifically, determining whether the acquired XLOG log contains the preset XLOG log encryption flag may include the following steps: reading the one byte after the XLogRecord structure of the XLOG log; determining whether the value in that byte is the same as the preset XLOG log encryption flag; if they are the same, determining that the acquired XLOG log contains the preset XLOG log encryption flag; and if they are different, determining that the acquired XLOG log does not contain the preset XLOG log encryption flag.
With the XLOG log key management method of the present invention, the ciphertext of the XLOG log key is acquired from the XLOG key file only when an encrypted XLOG log is read. When all of the XLOG logs that were read are unencrypted, the ciphertext of the XLOG log key is not acquired, which reduces the number of situations in which the ciphertext is fetched and reduces resource consumption.
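The flag check described above, as an added example in C (not code from the patent or from KingbaseES): it classifies the byte after the XLogRecord structure using the values the description lists and reports the first record carrying the encryption flag 252, which is the point at which an offline tool would read the key file. The 24-byte header length, the function names and the sample records are assumptions constructed for the example; a record too short to contain the marker byte is reported as an error instead of being treated as unencrypted.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Values the description allows in the byte after the XLogRecord structure. */
enum {
    ID_BLOCK_MIN   = 1,   /* block id, lowest value stated on the page */
    ID_BLOCK_MAX   = 32,  /* block id, highest value stated on the page */
    ID_ENCRYPTED   = 252, /* preset XLOG log encryption flag (FIG. 3) */
    ID_COPY_SOURCE = 253, /* copy source recorded in the log */
    ID_MAIN_LONG   = 254, /* main data area longer than 255 */
    ID_MAIN_SHORT  = 255  /* main data area of length <= 255 */
};

/* Assumption: the page gives no size for the XLogRecord structure;
 * 24 bytes is a placeholder used only to build the samples below. */
#define ASSUMED_HDR_LEN 24

typedef enum {
    REC_TRUNCATED = -1,  /* record ends before the marker byte */
    REC_UNRECOGNIZED,    /* marker outside the set listed in the description */
    REC_BLOCK, REC_MAIN_SHORT, REC_MAIN_LONG, REC_COPY_SOURCE,
    REC_ENCRYPTED
} rec_kind;

typedef struct { const uint8_t *data; size_t len; } xlog_record;

#define SCAN_NO_ENCRYPTED (-1L)  /* no flag seen: skip the key decryption */
#define SCAN_TRUNCATED    (-2L)  /* malformed input: stop, do not guess */

/* Classify one record by the single byte that follows its header. */
rec_kind classify_record(const uint8_t *rec, size_t len, size_t hdr_len)
{
    if (rec == NULL || len <= hdr_len)
        return REC_TRUNCATED;            /* never read past the buffer */
    uint8_t id = rec[hdr_len];
    if (id >= ID_BLOCK_MIN && id <= ID_BLOCK_MAX)
        return REC_BLOCK;
    switch (id) {
    case ID_ENCRYPTED:   return REC_ENCRYPTED;
    case ID_COPY_SOURCE: return REC_COPY_SOURCE;
    case ID_MAIN_LONG:   return REC_MAIN_LONG;
    case ID_MAIN_SHORT:  return REC_MAIN_SHORT;
    default:             return REC_UNRECOGNIZED;
    }
}

/* Index of the first record carrying the encryption flag. A result >= 0
 * means the key file must be read and the key ciphertext decrypted.
 * Per the description, any byte other than the flag means "not encrypted". */
long first_encrypted_record(const xlog_record *recs, size_t n, size_t hdr_len)
{
    for (size_t i = 0; i < n; i++) {
        rec_kind k = classify_record(recs[i].data, recs[i].len, hdr_len);
        if (k == REC_TRUNCATED)
            return SCAN_TRUNCATED;
        if (k == REC_ENCRYPTED)
            return (long)i;
    }
    return SCAN_NO_ENCRYPTED;
}

/* Constructed samples: a zeroed placeholder header, then the marker byte. */
static const uint8_t SAMPLE_BLOCK[ASSUMED_HDR_LEN + 1]     = { [ASSUMED_HDR_LEN] = 1 };
static const uint8_t SAMPLE_SHORT[ASSUMED_HDR_LEN + 1]     = { [ASSUMED_HDR_LEN] = 255 };
static const uint8_t SAMPLE_ENCRYPTED[ASSUMED_HDR_LEN + 1] = { [ASSUMED_HDR_LEN] = 252 };
static const uint8_t SAMPLE_CUT[ASSUMED_HDR_LEN]           = { 0 }; /* no marker byte */

static const xlog_record BATCH_PLAIN[] = {
    { SAMPLE_BLOCK, sizeof SAMPLE_BLOCK }, { SAMPLE_SHORT, sizeof SAMPLE_SHORT } };
static const xlog_record BATCH_MIXED[] = {
    { SAMPLE_BLOCK, sizeof SAMPLE_BLOCK }, { SAMPLE_SHORT, sizeof SAMPLE_SHORT },
    { SAMPLE_ENCRYPTED, sizeof SAMPLE_ENCRYPTED } };
static const xlog_record BATCH_CUT[] = {
    { SAMPLE_BLOCK, sizeof SAMPLE_BLOCK }, { SAMPLE_CUT, sizeof SAMPLE_CUT },
    { SAMPLE_ENCRYPTED, sizeof SAMPLE_ENCRYPTED } };

static const char *decision(long r)
{
    if (r == SCAN_TRUNCATED)    return "error: truncated record";
    if (r == SCAN_NO_ENCRYPTED) return "skip key decryption";
    return "read key file and decrypt the key ciphertext";
}

int main(void)
{
    printf("plain batch: %s\n", decision(first_encrypted_record(BATCH_PLAIN, 2, ASSUMED_HDR_LEN)));
    printf("mixed batch: %s\n", decision(first_encrypted_record(BATCH_MIXED, 3, ASSUMED_HDR_LEN)));
    printf("cut batch:   %s\n", decision(first_encrypted_record(BATCH_CUT, 3, ASSUMED_HDR_LEN)));
    return 0;
}
```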
In one embodiment, the KES database generates multiple XLOG logs during operation. After the KES database generates one XLOG log key, every subsequent XLOG log write uses that XLOG log key to encrypt the XLOG log, and every XLOG log read uses the same key to decrypt it. In other embodiments, each of the XLOG logs generated by the KES database during operation may correspond to its own XLOG log key, and the XLOG log keys corresponding to the multiple XLOG logs may be stored at different locations in the XLOG key file. That is, each XLOG log corresponds to a storage location in the XLOG key file. Therefore, in the above embodiment, when the offline XLOG tool is used to read the XLOG logs generated by the same KES database cluster, the XLOG key file needs to be copied once before startup, after which all subsequent XLOG logs can be decrypted.
In addition, in other embodiments, each of the XLOG logs generated by the KES database during operation corresponds to one XLOG log key, and the XLOG log keys corresponding to the multiple XLOG logs may also be stored in different XLOG key files. Thus, each XLOG log corresponds to one XLOG key file. When an XLOG log is read with an offline XLOG tool, the XLOG key file corresponding to that XLOG log needs to be copied to the XLOG log decryption environment.
Fig. 4 is a flow chart of a method of managing transaction log keys according to another embodiment of the present invention. The following describes the steps of the flow of the present embodiment in detail with reference to fig. 4.
In step S402, in response to the copy operation for the XLOG key file, the XLOG key file is stored into the XLOG log decryption environment of the XLOG tool.
In step S404, the XLOG tool is started. It should be noted that the XLOG tools include offline XLOG tools that read XLOG logs outside of the KES database cluster.
In step S406, the primary key is acquired in response to the input operation of the primary key.
In step S408, the storage path of the XLOG key file is acquired in response to the input operation for the storage path of the XLOG key file.
Step S410, searching to obtain the XLOG key file according to the storage path of the XLOG key file.
In step S412, the ciphertext of the XLOG log key is obtained from the XLOG key file. The ciphertext of the XLOG log key is stored in the XLOG key file in advance in the writing flow of the XLOG log.
In step S414, the ciphertext of the XLOG log key is decrypted by using the primary key to obtain the plaintext of the XLOG log key. Thus, the present flow ends.
With the transaction log key management method of the present invention, after the XLOG tool outside the KES database cluster is started, the key file storing the ciphertext of the XLOG log key is acquired. When an encrypted XLOG log is read, the ciphertext of the XLOG log key is acquired from the key file and decrypted in a preset decryption manner to obtain the plaintext of the XLOG log key. The XLOG log key can therefore be obtained accurately outside the KES database cluster, and subsequent decryption operations proceed smoothly.
Fig. 5 is a flow chart of a method of managing transaction log keys according to yet another embodiment of the present invention. The following describes the steps of the flow of the present embodiment in detail with reference to fig. 5.
In step S502, the KES database system is started.
Step S504, judging whether the XLOG log encryption function is started, if yes, executing step S506, and if not, executing step S512.
In step S506, the primary key is acquired in response to the input operation of the primary key.
Step S508, the ciphertext of the XLOG log key is obtained from the XLOG key file. The ciphertext of the XLOG log key is stored in the XLOG key file in advance in the writing flow of the XLOG log.
Step S510, decrypting the ciphertext of the XLOG log key by using the primary key to obtain the plaintext of the XLOG log key. Thus, the present flow ends.
Step S512, the input operation of the primary key is skipped, and the flow ends.
With the transaction log key management method of the present invention, when the XLOG log read flow is started inside the KES database cluster, the ciphertext of the XLOG log key can be acquired directly from the XLOG key file, so the XLOG log key is obtained successfully within the KES database cluster and the decryption operation proceeds smoothly.
The present embodiment also provides a machine-readable storage medium and a computer device. Fig. 6 is a schematic diagram of the structure of a machine-readable storage medium 10 according to one embodiment of the present invention, and fig. 7 is a schematic diagram of the structure of a computer device 20 according to one embodiment of the present invention.
The machine-readable storage medium 10 has stored thereon a machine-executable program 11, which when executed by a processor, implements the processing method of any of the above embodiments.
The computer device 20 may include a memory 220, a processor 210, and a machine executable program 11 stored on the memory 220 and running on the processor 210, and the processor 210 implements the processing methods of any of the embodiments described above when executing the machine executable program 11.
The flowcharts provided by this embodiment are not intended to indicate that the operations of the method are to be performed in any particular order, or that all of the operations of the method are included in every case. Furthermore, the method may include additional operations. Additional variations may be made to the above-described methods within the scope of the technical ideas provided by the methods of the present embodiments.
By now it should be appreciated by those skilled in the art that while a number of exemplary embodiments of the invention have been shown and described herein in detail, many other variations or modifications of the invention consistent with the principles of the invention may be directly ascertained or inferred from the present disclosure without departing from the spirit and scope of the invention. Accordingly, the scope of the present invention should be understood and deemed to cover all such other variations or modifications.

Claims (10)

1. A method of transaction log key management, comprising:
after a transaction log tool outside a database cluster is started, acquiring a key file storing the ciphertext of a transaction log key;
when an encrypted transaction log is read, acquiring the ciphertext of the transaction log key from the key file;
and decrypting the ciphertext of the transaction log key in a preset decryption manner to obtain the plaintext of the transaction log key.
2. The transaction log key management method of claim 1, wherein prior to the initiation of the transaction log tool outside the database cluster, the transaction log key management method further comprises:
storing the key file in a transaction log decryption environment of the transaction log tool in response to a copy operation for the key file; and
the step of acquiring the key file storing the ciphertext of the transaction log key comprises:
acquiring a storage path of the key file in response to an input operation for the storage path of the key file;
and searching for and obtaining the key file according to the storage path of the key file.
3. The transaction log key management method of claim 1, wherein the transaction log key management method further comprises, after a transaction log tool outside a database cluster is started:
acquiring a preset primary key; and
the step of decrypting the ciphertext of the transaction log key in a preset decryption mode comprises:
decrypting the ciphertext of the transaction log key by using the primary key.
4. The transaction log key management method of claim 3, wherein the primary key is preset to be obtained when the database system's data cluster initialization command is executed; and
the ciphertext of the transaction log key is obtained by the following steps:
after the primary key is obtained, enabling a transaction log encryption function;
generating the transaction log key;
encrypting the transaction log key using the primary key.
5. The transaction log key management method of claim 4, wherein,
the transaction log key is used for encrypting the unencrypted transaction log and decrypting the encrypted transaction log, and a plurality of transaction logs generated in the same database cluster are subjected to encryption/decryption operations by the same transaction log key.
6. The transaction log key management method of claim 1, wherein after the step of obtaining plaintext of the transaction log key, the transaction log key management method further comprises:
decrypting the encrypted transaction log by using the plaintext of the transaction log key.
7. The transaction log key management method according to claim 1, wherein the transaction log key management method further comprises, in the case where the encrypted transaction log is read, before the step of acquiring ciphertext of the transaction log key from the key file:
acquiring a transaction log in a transaction log decryption environment of the transaction log tool;
determining whether the acquired transaction log contains a preset transaction log encryption flag;
if yes, determining that the encrypted transaction log is read.
8. The transaction log key management method according to claim 7, wherein after the step of determining whether the acquired transaction log contains a preset transaction log encryption flag, the transaction log key management method further comprises:
in the case where the acquired transaction log does not contain the preset transaction log encryption flag, determining that no encrypted transaction log has been read;
and skipping the execution of the decryption operation on the ciphertext of the transaction log key.
9. A machine-readable storage medium having stored thereon a machine-executable program which when executed by a processor implements the method of transaction log key management according to any of claims 1 to 8.
10. A computer device comprising a memory, a processor and a machine executable program stored on the memory and running on the processor, and the processor implementing a method of managing transaction log keys according to any one of claims 1 to 8 when executing the machine executable program.
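The flow of claims 1 to 8 as an added example (not code from the patent or from the applicant): the cluster side stores only the wrapped log key, and the external tool unwraps it with the primary key only when the log carries the encryption flag. Assumptions: the `XLOGENC1` flag value, all function names, and the HMAC-SHA256 counter-mode keystream with an HMAC tag, which stands in for the patent's unspecified "preset decryption mode" so the block runs on the Python standard library alone.

```python
import hashlib, hmac, os

ENC_FLAG = b"XLOGENC1"  # assumed marker; the patent does not define the flag's format

def _subkey(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # HMAC-SHA256 in counter mode: a stdlib stand-in for a real cipher such as AES
    stream = b""
    for ctr in range((len(data) + 31) // 32):
        stream += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Return nonce || ciphertext || tag (encrypt-then-MAC)."""
    nonce = os.urandom(16)
    ct = _xor_stream(_subkey(key, b"enc"), nonce, plaintext)
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key: bytes, blob: bytes) -> bytes:
    """Verify the tag before decrypting; a wrong key or altered blob raises."""
    if len(blob) < 48:
        raise ValueError("truncated blob")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expect = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("authentication failed: wrong key or modified data")
    return _xor_stream(_subkey(key, b"enc"), nonce, ct)

def read_log(log_bytes: bytes, key_file: str, primary_key: bytes) -> bytes:
    """External log tool flow of claims 1, 3, 6, 7 and 8."""
    if not log_bytes.startswith(ENC_FLAG):
        return log_bytes                       # claim 8: no flag, key file untouched
    with open(key_file, "rb") as f:            # claims 1-2: key file found by its path
        wrapped = f.read()
    log_key = unseal(primary_key, wrapped)     # claim 3: unwrap with the primary key
    return unseal(log_key, log_bytes[len(ENC_FLAG):])  # claim 6: decrypt the log

def wrap_log_key(key_file: str, primary_key: bytes) -> bytes:
    """Cluster side of claim 4: generate the log key, store only its ciphertext."""
    log_key = os.urandom(32)
    with open(key_file, "wb") as f:
        f.write(seal(primary_key, log_key))
    return log_key
```

Authenticating the wrapped key means a wrong primary key or a damaged key file fails loudly instead of yielding a garbage log key that silently produces unreadable log output.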

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211091326.0A CN117714034A (en) 2022-09-07 2022-09-07 Management method, storage medium and equipment for transaction log key

Publications (1)

Publication Number Publication Date
CN117714034A true CN117714034A (en) 2024-03-15

Family

ID=90159381

Country Status (1)

Country Link
CN (1) CN117714034A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination