Planet MySQL Planet MySQL: Meta Deutsch Español Français Italiano 日本語 Русский Português 中文
Showing entries 1 to 10 of 23 10 Older Entries

Displaying posts with tag: encryption (reset)

How-to and Performance Impact of SSL-Encrypted Replication Traffic in Galera Cluster for MySQL
+0 Vote Up -0Vote Down

August 7, 2014 By Severalnines

 

Deploying Galera Clusters across WAN environments might lead to concerns around data privacy and security - especially as more organisations are having to comply with national and international regulations. You would not want hackers eavesdropping or intercepting replication traffic. Encrypted replication hides what is sent between the Galera nodes, and makes sure each node is only communicating to the ones it trusts. But how expensive is encryption?

 

In this blog, we will show you how to encrypt the replication traffic between your Galera nodes. We will …

  [Read more...]
On-disk/block-level encryption for MariaDB
+3 Vote Up -0Vote Down

I don’t normally quote The Register, but I was clearing tabs and found this article: 350 DBAs stare blankly when reminded super-users can pinch data. It is an interesting read, telling you that there are many Snowden’s in waiting, possibly even in your organisation. 

From a MariaDB standpoint, you probably already read that column level encryption as well as block level …

  [Read more...]
Encrypted and incremental MySQL backups with Percona XtraBackup
+0 Vote Up -0Vote Down

We’ve recently received a number of questions on how to implement incremental MySQL backups alongside encryption with Percona XtraBackup. Some users thought it was not initially possible because with the default

--encrypt

options with XtraBackup, all files will be encrypted, but alas, that is not the case. This is where the option

--extra-lsn-dir

becomes useful, because it allows you to save LSN (Log Sequence Number) information to another directory and exclude it from encryption, allowing you to …

  [Read more...]
Heartbleed OpenSSL Bug: Impact on ClusterControl Users & Recommendations on How to Protect your Systems
+0 Vote Up -0Vote Down

April 10, 2014 By Severalnines

 

In the wake of recent concerns and debates raised around the Heartbleed bug, we wanted to update Severalnines ClusterControl users on any impact this bug might have on ClusterControl & associated databases and/or applications.

 

Background

 

If your ClusterControl's web application has been accessible on the internet, then most likely you have also been exposed to the Heartbleed OpenSSL security bug, see: http://heartbleed.com for more details. 

By default, our database …

  [Read more...]
Heartbleed: Separating FAQ From FUD
+1 Vote Up -0Vote Down

If you’ve been following this blog (my colleague, David Busby, posted about it yesterday) or any tech news outlet in the past few days, you’ve probably seen some mention of the “Heartbleed” vulnerability in certain versions of the OpenSSL library.

So what is ‘Heartbleed’, really?

In short, Heartbleed is an information-leak issue. An attacker can exploit this bug to retrieve the contents of a server’s memory without any need for local access. According to the researchers that discovered it, this can be done …

  [Read more...]
Data Encryption with MySQL Enterprise Backup 3.10
Employee +0 Vote Up -0Vote Down

Introduction

MySQL Enterprise Backup (MEB) 3.10 introduces support for encrypted backups by allowing backup images, or single-file backups, to be encrypted. However, backups stored in multiple files in a backup directory can not be encrypted.

Any MEB command that produces a backup image can be optionally requested to encrypt it. The encrypted backup image can be stored in a file or tape in the same way as an unencrypted backup image. Similarly, any MEB command that reads data from a backup image accepts also an encrypted backup image. This means that encrypted backups can be used in all the same situations as unencrypted …

  [Read more...]
Redefining –ssl option
Employee +5 Vote Up -0Vote Down

MySQL clients have long had a –ssl option.  Casual users may think specifying this option will cause clients to secure connections using SSL.  That is not the case:

D:\mysql-5.6.13-winx64>bin\mysql -uroot -P3307 --ssl
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.6.13-log MySQL Community Server (GPL)

Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. …
  [Read more...]
Notes on the AES encryption in MySQL
+2 Vote Up -0Vote Down

Oracle has improved the AES encryption/decryption functions in MySQL 5.6.17. They improved it a lot and posted a blog which explains all the details.

If you would like to know more about encryption there are two resources I would recommend:

  • The Code Book by Simon Singh. This is about the history of cryptography, but it also includes a lot of information about crypto which is currently in …



  [Read more...]
MySQL 5.6.17 – now with better encryption
Employee +1 Vote Up -0Vote Down

Joro wrote recently about MySQL 5.6.17‘s new support for AES-256 encryption, and it’s a great improvement for people need to encrypt their data at rest.  The new session block_encryption_mode variable controls what variant of AES is used, and for backwards compatibility, the default behavior remains 128-bit key …

  [Read more...]
MySQL encryption performance, revisited
+1 Vote Up -0Vote Down

This is part two on a two-part series on the performance implications of in-flight data encryption with MySQL. In the first part, I focused specifically on the impact of using MySQL’s built-in SSL support with some rather surprising results. Certainly it was expected that query throughput would be lower with SSL than without, but I was rather surprised by the magnitude of the performance hit incurred at connection setup time. These results naturally lended themselves to some further investigation; in particular, I wanted to compare …

  [Read more...]
Showing entries 1 to 10 of 23 10 Older Entries

Planet MySQL © 1995, 2014, Oracle Corporation and/or its affiliates   Legal Policies | Your Privacy Rights | Terms of Use

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.