All posts by Mike Frank

Using a MySQL Keyring SECRET and Asymmetric Encryption

For an encrypt only or decrypt/encrypt applications

The following is an example of how to allow applications to asymmetrically encrypt data using a public key. In MySQL 8.0.19 support for the SECRET datatype was added to our Keyring technology. With this technology, users can securely manage their own keys using:

Oasis KMIP protocol implementations:

MySQL Guide to Ports

There could be from one to over ten ports used within your MySQL ecosystem.  It really depends on what you have enabled, which components you are using, how your applications connect, and other characteristics of your environment.

From a security point, these ports need to be opened just wide enough to allow the various components  that should communicate to talk while blocking out anything else trying to hack its way in – the goal being to enforce the security principle of “least privilege”. …

MySQL 8.0 – Announcing GA of the MySQL Document Store

In this blog I’ll explain the big wins that come with the MySQL Document Store in the MySQL 8.0 GA.


= Winning Combination
= Relational + Document Store + Hybrid
= Big Win For Devs
= Big Win for DBAs
= Big Win for Data Analysts
= Big Win for LOB owners

First, let’s start by considering some modern software facts

  • Move faster, change rapidly
  • Time to market is critical
  • Rapid prototyping, iterate fast and frequently
  • Relational Models ask for schema up front
  • Potentially saving time later
  • Less variation, less code for edge cases
  • Easy to run in-depth analytics
  • Document Models do not ask for a schema
  • Saves time up front
  • Often adds operational costs in the long term
  • Getting Analytics from the data can be way more work
  • Most popular NoSQL database use similar data structures to relational databases (B+TREE)
  • No inherent scalability advantages
    Yet behind on key functionality
  • Standing up multiple database technologies adds complexity for operations teams

Customers continually tell us they want to simplify their data infrastructure.…