Database sensitive field encryption upgrade process and problem solving

  1. The technical manager/architect identifies the systems that must be upgraded at the same time (the remaining systems can be upgraded separately), including:
    1. Different systems that use the same database (e.g. 2 systems for a store)
    2. Databases that have a DTS relationship between them
  2. For systems that are upgraded at the same time, evaluate the time required for the code upgrade and the data refresh, and define a unified upgrade time point
  3. The technical manager of each system lists the table fields that need to be encrypted and decrypted and notifies the big data team; the big data team upgrades the same encrypted and decrypted fields as the business system and aligns its schedule with the business system
  4. The business system and the big data team create a spare encrypted field and backfill the encrypted data into it. Note that the encrypted field will be significantly longer than the original field, so expanding the field length needs to be considered. Database function reference:
    • Set the encryption method: SET block_encryption_mode = 'aes-256-cbc'; (Run this before executing the SQL script to specify the encryption method. The setting is session-level and must be executed before each use.)
    • Encryption function: select TO_BASE64(AES_ENCRYPT('上海银行', 'uBdUx82vPHkDKb284d7NkjFoNcKWBuka', 'c558Gq0YQK2QUlMc')) from dual;
    • Decryption function: select AES_DECRYPT(FROM_BASE64('E5NoyWGQwnMlf1UAUO/Xow=='), 'uBdUx82vPHkDKb284d7NkjFoNcKWBuka', 'c558Gq0YQK2QUlMc') from dual;
    • Length calculation of the encrypted field: the encrypted length depends on the length of the original field and can be calculated from the designed length. For example, abcdabcdabcdabcd encrypts to sogxg0B8ozqvB5zs/tkb5yH55ccNfEuvr1l/HNluPgk=, which has length 44.
    • Pay attention to the length of Chinese characters: under UTF-8 encoding, a Chinese character occupies 2-3 bytes.
  5. On the day of the upgrade, within the reserved time window, refresh the new data and rename the field. (At present, after our internal discussion, we can only add new fields, modify the system, delete the old fields after release, and release again.)
  6. If the length exceeds 255 after the encryption upgrade:
    1. If the field does not use an index, consider storing it as TEXT or MEDIUMTEXT.
    2. If the field uses an index, it will not be modified for now.
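
The length calculation in step 4 and the 255 rule in step 6 can be combined into one sizing check per column. The Python code below is an added example, not code from the original post: the column names are constructed, and the default of 3 bytes per character is an assumption taken from the upper bound given above (a utf8mb4 column may need 4). It also counts the line break that MySQL's TO_BASE64 inserts after every 76 output characters.

```python
import math
from dataclasses import dataclass

AES_BLOCK = 16        # AES block size in bytes
B64_LINE = 76         # MySQL TO_BASE64 inserts '\n' after every 76 output chars
VARCHAR_LIMIT = 255   # threshold used in step 6 of the process


def encrypted_length(plain_bytes: int) -> int:
    """Length of TO_BASE64(AES_ENCRYPT(x)) for a plaintext of plain_bytes bytes."""
    # PKCS#7 padding always adds 1..16 bytes, so a whole extra block is
    # appended when the input is already block-aligned.
    cipher = AES_BLOCK * (plain_bytes // AES_BLOCK + 1)
    b64 = 4 * math.ceil(cipher / 3)
    newlines = (b64 - 1) // B64_LINE  # breaks between lines, none trailing
    return b64 + newlines


@dataclass
class Column:
    name: str
    char_len: int   # declared VARCHAR(n) length, in characters
    indexed: bool


def plan(col: Column, bytes_per_char: int = 3):
    """Return (worst-case encrypted length, action prescribed by step 6)."""
    need = encrypted_length(col.char_len * bytes_per_char)
    if need <= VARCHAR_LIMIT:
        return need, f"VARCHAR({need})"
    if col.indexed:
        return need, "indexed: leave unmodified for now"
    return need, "TEXT"


# Constructed sample schema (hypothetical column names).
SAMPLE = [
    Column("bank_name", 20, indexed=False),
    Column("id_card_no", 18, indexed=True),
    Column("address", 64, indexed=False),
    Column("email", 64, indexed=True),
]

if __name__ == "__main__":
    for c in SAMPLE:
        need, action = plan(c)
        print(f"{c.name:<12} VARCHAR({c.char_len}) -> {need:>4} chars  {action}")
```

Because the output can contain newline characters once it passes 76 characters, compare and size the stored value including them.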

Origin blog.csdn.net/a203206868/article/details/131555378