MyDiamo Design Concepts
MyDiamo is the first encryption solution for both MySQL and MariaDB, providing users with comprehensive database security features. MyDiamo utilizes not only encryption, but also access control, encryption/decryption privilege management, and auditing functions in order to create a fully secure database.
MyDiamo is designed around two main architectural principles:
1) Encryption Target: Column-level
2) Encryption Location: DBMS Engine
To learn more about these two concepts, watch the video below as Jacob Pollock, a MyDiamo engineer, explains the design principles behind MyDiamo. He also provides insight into how to apply these principles when implementing MyDiamo.
In the video, Jacob Pollock explains the nature of a database and its different levels, then goes on to explain what the data encryption process actually consists of. He emphasizes the management of encryption keys, access control, and auditing functions, and how they help in creating maximum security. MyDiamo’s use of context-aware encryption is highlighted. He then moves on to explaining the two principles, column-level encryption and performing encryption at the lowest possible level, highlighting that MyDiamo aims to work with the system while putting the least amount of burden on it.