Encryption in MySQL: Master Key Rotation

In anticipation of the start of a new enrollment for the "Database" course, we continue to publish a series of articles about encryption in MySQL.

In the previous article in this series we looked at how the Master Key works. Today, building on what we learned there, let's look at Master Key rotation.

Master Key rotation consists of generating a new Master Key and using this new key to re-encrypt the tablespace keys (which are stored in the tablespace headers).

Let's recall what the encrypted tablespace header looks like:

[Figure: layout of the encrypted tablespace header]

From the previous article we know that at startup the server reads the headers of all encrypted tablespaces and remembers the largest KEY ID. For example, if we have three tables with KEY ID = 3 and one table with KEY ID = 4, the largest KEY ID is 4. Let's call this KEY ID the MAX KEY ID.

How Master Key rotation works

1. The user executes ALTER INSTANCE ROTATE INNODB MASTER KEY.

2. The server asks the keyring to generate a new Master Key with the server's UUID and a KEY ID equal to MAX KEY ID + 1. So we get a Master Key ID equal to INNODBKey-UUID-(MAX KEY ID + 1). On successful generation of the Master Key, MAX KEY ID is incremented by one (i.e. MAX KEY ID = MAX KEY ID + 1).

3. The server goes through all tablespaces encrypted with the Master Key, and for each tablespace:

  • encrypts the tablespace key with the new Master Key;

  • updates the KEY ID in the header to the new MAX KEY ID;

  • if the UUID in the header differs from the server's UUID, updates it to the server's UUID.

As we know, the Master Key ID used to decrypt a table consists of the UUID and the KEY ID that are read from the tablespace header. What we are doing now is updating this information in the tablespace's encryption header so that the server can obtain the correct Master Key.

If we have tablespaces from different places, for example from different backups, they may be encrypted with different Master Keys. All of these Master Keys would have to be fetched from the keyring at server startup. This can slow down server startup, especially if a server-side key store is used. With Master Key rotation we re-encrypt the tablespace keys with a single Master Key, the same one for all tablespaces. The server then needs to fetch only one Master Key at startup.

This is, of course, only a pleasant side effect. The main purpose of Master Key rotation is to make our server more secure. If the Master Key has somehow been stolen (for example, from the Vault server), we can generate a new Master Key and re-encrypt the tablespace keys with it, invalidating the stolen key. We are safe... almost.

In a previous article I mentioned that once a tablespace key has been stolen, a third party can use it to decrypt the data, provided they have access to our disk. If the Master Key has been stolen and the attacker has access to the encrypted data, they can use the stolen Master Key to decrypt the tablespace key and then decrypt the data. As you can see, Master Key rotation does not help here: we re-encrypt the tablespace key with the new Master Key, but the key used to encrypt and decrypt the data itself stays the same. So the "hacker" can keep using it to decrypt the data. I mentioned earlier that Percona Server for MySQL can perform real tablespace re-encryption, not just simple re-encryption of the tablespace key. This feature is called encryption threads. However, it is still experimental.

Master Key rotation is useful when the Master Key has been stolen but the attacker has had no way to use it to decrypt the tablespace keys.
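To make the three rotation steps above, and the point that rotation leaves the tablespace key itself unchanged, concrete, here is an added Python model; it is not code from this article or from MySQL/Percona. It assumes a dict standing in for the keyring, a list of dicts standing in for tablespace headers, and a constructed XOR-with-SHA-256 stand-in for the real AES wrapping of the tablespace key.

```python
import hashlib
import secrets

def wrap(master_key: bytes, tablespace_key: bytes) -> bytes:
    # Constructed stand-in for InnoDB's AES wrapping of the tablespace key:
    # XOR with a SHA-256 keystream derived from the master key (not the real scheme).
    stream = hashlib.sha256(master_key).digest()
    return bytes(a ^ b for a, b in zip(tablespace_key, stream))

unwrap = wrap  # XOR is its own inverse, so unwrapping is the same operation here

def master_key_name(uuid: str, key_id: int) -> str:
    # Name the server asks the keyring for: INNODBKey-<UUID>-<KEY ID>
    return f"INNODBKey-{uuid}-{key_id}"

def keys_needed_at_startup(headers: list) -> set:
    # The server must fetch one master key per distinct (UUID, KEY ID) found in the headers
    return {master_key_name(h["uuid"], h["key_id"]) for h in headers}

def rotate_master_key(keyring: dict, headers: list, server_uuid: str) -> str:
    # Step 2: new master key with KEY ID = MAX KEY ID + 1 (MAX KEY ID = largest KEY ID in headers)
    new_id = max(h["key_id"] for h in headers) + 1
    new_name = master_key_name(server_uuid, new_id)
    keyring[new_name] = secrets.token_bytes(32)
    # Step 3: for every encrypted tablespace, re-wrap its tablespace key and update the header
    for h in headers:
        old_master = keyring[master_key_name(h["uuid"], h["key_id"])]
        tablespace_key = unwrap(old_master, h["wrapped_key"])  # this key itself never changes
        h["wrapped_key"] = wrap(keyring[new_name], tablespace_key)
        h["key_id"] = new_id
        h["uuid"] = server_uuid  # a tablespace restored from another server now carries ours
    return new_name

def build_scenario():
    # Constructed sample: two tablespaces created on this server (KEY ID 3 and 4) and one
    # restored from a backup taken on a different server (KEY ID 2, different UUID).
    server_uuid, other_uuid = "aaaa-1111", "bbbb-2222"
    origins = [(server_uuid, 3), (server_uuid, 4), (other_uuid, 2)]
    keyring = {master_key_name(u, k): secrets.token_bytes(32) for u, k in origins}
    tablespace_keys = [secrets.token_bytes(32) for _ in origins]
    headers = [{"uuid": u, "key_id": k,
                "wrapped_key": wrap(keyring[master_key_name(u, k)], tk)}
               for (u, k), tk in zip(origins, tablespace_keys)]
    return keyring, headers, server_uuid, tablespace_keys
```

After rotation every header points at the single new key INNODBKey-aaaa-1111-5, yet unwrapping each header with that key returns exactly the tablespace keys generated before rotation, which is why a stolen tablespace key is not revoked by rotating the Master Key.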


Source: www.habr.com