Method and apparatus for facilitating role-based cryptographic key management for a database
US8064604B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Jan 9, 2007 |
| Grant date | Nov 22, 2011 |
| Priority date | — |
| Expiry date | Aug 1, 2029 |
Classification
- Technology area (CPC H): Electricity
- CPC primary: H04L2463/062
- WIPO field: Digital communication
- WIPO sector: Electrical engineering
Abstract
One embodiment of the present invention provides a system that facilitates role-based cryptographic key management. The system operates by receiving a request at a database server from a user to perform a cryptographic operation on data on the database server, wherein the user is a member of a role, and wherein the role has been granted permission to perform the cryptographic operation on the data. Next, the system receives from the user at the database server a user key, which is associated with the user. The system then unwraps a wrapped role key with the user key to obtain a role key, which is associated with the role. Next, the system unwraps a wrapped data key with the role key to obtain a data key, which is used to encrypt and decrypt the data. Finally, the system uses the data key to perform the cryptographic operation on the data.
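The unwrap chain in the abstract (user key, then role key, then data key), sketched as an added example that is not taken from the patent or any product. The `KeyStore` class, its method names and the sample user, role and column are hypothetical, and the HMAC-based `wrap`/`unwrap` pair is a standard-library stand-in for a vetted key-wrap primitive such as AES Key Wrap.

```python
import hashlib, hmac, secrets

def _stream(key, nonce, n):
    # HMAC-SHA256 in counter mode as a keystream (toy stand-in, see lead-in).
    blocks = (hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def wrap(key, secret):
    # Encrypt-then-MAC: nonce || ciphertext || tag.
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(secret, _stream(key, nonce, len(secret))))
    return nonce + ct + hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()

def unwrap(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):  # wrong key or modified blob
        raise PermissionError("unwrap failed")
    return bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct))))

class KeyStore:
    """Server-side tables: only wrapped keys are stored, never plaintext keys."""
    def __init__(self):
        self.role_keys = {}  # (user, role)   -> role key wrapped under user key
        self.data_keys = {}  # (role, column) -> data key wrapped under role key

    def grant(self, user, user_key, role, role_key):
        self.role_keys[(user, role)] = wrap(user_key, role_key)

    def protect(self, role, role_key, column, data_key):
        self.data_keys[(role, column)] = wrap(role_key, data_key)

    def data_key(self, user, user_key, role, column):
        # The abstract's sequence: user key -> role key -> data key.
        try:
            wrapped_role = self.role_keys[(user, role)]
            wrapped_data = self.data_keys[(role, column)]
        except KeyError:
            raise PermissionError("no grant for this user/role/column") from None
        return unwrap(unwrap(user_key, wrapped_role), wrapped_data)

def demo():
    store, (alice, bob, role, data) = KeyStore(), [secrets.token_bytes(32) for _ in range(4)]
    store.grant("alice", alice, "payroll", role)
    store.protect("payroll", role, "salary", data)
    dk = store.data_key("alice", alice, "payroll", "salary")
    cell = wrap(dk, b"constructed sample value")  # data key encrypts the column data
    return dk == data, unwrap(dk, cell)
```

A request with the wrong user key, or from a user with no wrapped role key on file, fails at the first unwrap and never reaches the data key.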
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.