All posts by Mike Frank

Auditing Changes to Classified Data Stored in MySQL 8.0

November 18, 2020MySQLMike Frank

The Challenge

Often with sensitive information, you need to have an audit log. Frequently data such as this will contain a classification level as part of the row, defining policies for how it is handled, audited, etc. In a prior blog I discussed how to audit the selection of classified data.

…

MySQL Audit Data Consolidation – Made Simple

November 3, 2020MySQLMike Frank

In this blog, I am going to demonstrate how to create your own consolidated audit log archive across many mysql instances. In a followup I’ll show how to extend this example by creating a simple hash chain on that archive – so you can prove whether or not its been modified or tainted in any way and if so where.…

Auditing Selection of Classified Data Stored in MySQL 8.0

September 17, 2020Audit, MySQL, Security, SQLaudit regulation classified data mysqlMike Frank

The Challenge

Often with sensitive information, you need to have an audit log. Not just that a table had a select run, but that specific cells within the table were accessed. Frequently data such as this will contain a classification level as part of the row, defining policies for how it is handled, audited, etc.

…

Using a MySQL Keyring SECRET and Asymmetric Encryption

April 6, 2020MySQLMike Frank

For an encrypt only or decrypt/encrypt applications

The following is an example of how to allow applications to asymmetrically encrypt data using a public key. In MySQL 8.0.19 support for the SECRET datatype was added to our Keyring technology. With this technology, users can securely manage their own keys using:

Oasis KMIP protocol implementations:

…

Exporting Masked and De-Identified Data from MySQL

April 16, 2019MySQLMike Frank

In all likelihood your MySQL database contains valuable and sensitive information. Within that database, MySQL protects that data using features such as encryption, access controls, auditing, views, and more. However in many cases you may need to share some of this data, but must at the same time protect that sensitive information.

…

MySQL Guide to Ports

There could be from one to over ten ports used within your MySQL ecosystem. It really depends on what you have enabled, which components you are using, how your applications connect, and other characteristics of your environment.

From a security point, these ports need to be opened just wide enough to allow the various components that should communicate to talk while blocking out anything else trying to hack its way in – the goal being to enforce the security principle of “least privilege”. …

MySQL 8.0 – Announcing GA of the MySQL Document Store

April 19, 2018MySQLMike Frank

In this blog I’ll explain the big wins that come with the MySQL Document Store in the MySQL 8.0 GA.

Basically

SQL + NOSQL
= Winning Combination
= Relational + Document Store + Hybrid
= Big Win For Devs
= Big Win for DBAs
= Big Win for Data Analysts
= Big Win for LOB owners

First, let’s start by considering some modern software facts

Move faster, change rapidly
Time to market is critical
Rapid prototyping, iterate fast and frequently
Relational Models ask for schema up front
Potentially saving time later
Less variation, less code for edge cases
Easy to run in-depth analytics
Document Models do not ask for a schema
Saves time up front
Often adds operational costs in the long term
Getting Analytics from the data can be way more work
Most popular NoSQL database use similar data structures to relational databases (B+TREE)
No inherent scalability advantages
Yet behind on key functionality
Standing up multiple database technologies adds complexity for operations teams

Customers continually tell us they want to simplify their data infrastructure.…

Protecting Data with Digital Signatures by Example using MySQL Enterprise Edition

June 21, 2017MySQL, Security, SSLMike Frank

Often databases contain data that needs to be proven as valid and authentic. We want to ensure that a known person or other sender (e.g. a trusted app) of the information can’t deny content, nor that the content can change without that person (senders) consent.…

Hybrid Data Encryption by Example using MySQL Enterprise Edition

June 1, 2017MySQL, SecurityMike Frank

Sharing keys, passphrases with applications is problematic, especially with regard to encrypting data. Too often applications are developed where “the keys are left in the door” or at best “under the mat” – hard coded, in a clear text property file… exposed and vulnerable. …

MySQL 5.7.12 – Part 6: MySQL Document Store – A New Chapter in the MySQL Story

April 20, 2016Document Store, MySQLMike Frank

So hopefully you’ve read the first 5 blogs in this 6 part series you should have a good introduction to
• Part 1 – What we heard from the MySQL Community (keep it solid, and innovate faster) and our change to new release model those requirements.…

MySQL Server Blog

News from the MySQL Server Team

All posts by Mike Frank

Auditing Changes to Classified Data Stored in MySQL 8.0

The Challenge

MySQL Audit Data Consolidation – Made Simple

Auditing Selection of Classified Data Stored in MySQL 8.0

The Challenge

Using a MySQL Keyring SECRET and Asymmetric Encryption

For an encrypt only or decrypt/encrypt applications

Exporting Masked and De-Identified Data from MySQL

MySQL Guide to Ports

MySQL 8.0 – Announcing GA of the MySQL Document Store

Basically

First, let’s start by considering some modern software facts

Protecting Data with Digital Signatures by Example using MySQL Enterprise Edition

Hybrid Data Encryption by Example using MySQL Enterprise Edition

MySQL 5.7.12 – Part 6: MySQL Document Store – A New Chapter in the MySQL Story