Native multi-tenant encryption for database system

Assignee

• SAP SE · DE

Inventors

• Patrick Voelker · Mannheim, DE
• Holger Mack · Karlsruhe, DE
• Meinolf Block · Heidelberg, DE
• Thorsten Glebe · Leimen, DE
• Mihnea Andrei · Issy-les-Moulineaux, FR
• Yong-sik Kwon · Seocho-gu, KR
• Dirk Thomsen · Berlin, DE
• Martin Schindewolf · Walldorf, DE
• Martin Kittel · Stuttgart, DE
• Myung Sun Park · Seoul, KR
• Beomsoo Kim · Seoul, KR
• Martin Heidel · Walldorf, DE
• Christian Bensberg · Heidelberg, DE
• Fabian Garagnon · Berlin, DE
• Michael Muehle · Walldorf, DE
• Sergej Hardock · Herborn, DE
• Johannes Beigel · Wiesloch, DE
• Sascha Zorn · Neulußheim, DE
• Christoph Hohner · Schwetzingen, DE
• Andreas Hartel · Heidelberg, DE

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L9/0894
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A database system includes a persistent storage system, a memory storing metadata defining a tenant object and a plurality of database artifacts, a first instance of the tenant object, the first instance associated with a first plurality of the database artifacts including first data associated with the first instance of the tenant object, and a second instance of the tenant object, the second instance associated with a second plurality of the database artifacts including second data associated with the second instance of the tenant object. A processing unit is to execute program code of a database instance to cause the database system to encrypt the first data associated with the first instance of the tenant object using a first public encryption key and store the encrypted first data in the persistent storage system, and encrypt the second data associated with the second instance of the tenant object using a second public encryption key and store the encrypted second data in the persistent storage system.