Data Encryption #
Scenarios
With the spread of information technology, more and more companies realize the important value of data assets, resulting in data security being paid more and more attention. As an important means to protect data security, data encryption has naturally become the basic demand of various companies. Data encryption is a data protection method that uses encryption rules to deform data to achieve the purpose of security control.
In reality, there are often two business scenarios of data encryption. One is that new businesses need data encryption. Because they are new businesses, everything is new. Business teams often simply implement data encryption based on the basic requirements of the company’s encryption. However, with the rapid development of business, the original encryption scheme is difficult to meet the requirements of new business scenarios, resulting in the need for large-scale transformation of business systems, and the cost of upgrading is huge. The other is the mature business that has been launched and the data is stored in plaintext. Now that the company has the requirements of data encryption, it will involve the migration and encryption of old data (washing number) and the related transformation of business SQL. The overall complexity is high. For the core business, it also needs to be transformed without shutdown, which will involve the construction of pre release environment and the preparation of rollback scheme, which will cost a lot.
Based on this background, SphereEx-DBPlusEngine has proposed a complete, safe, transparent and low transformation cost data encryption integration scheme to meet the encryption and decryption needs of various companies from the needs of the industry and the pain points of business transformation.
Prerequisites
Take DBPlusEngine-Proxy as an example, download and unzip the proxy, refer to the following configuration, configure the corresponding configuration file in the conf directory, and then start the proxy.
Configuration Example
config-encrypt.yaml
-!ENCRYPT
encryptors:
aes_encryptor:
type: AES
props:
aes-key-value: 123456abc
tables:
t_user:
columns:
pwd:
cipherColumn: pwd_cipher
encryptorName: aes_encryptor
Relevant Reference