Specification

Home / Product / Specification

All About MyDiamo

#fancy-title-5952c38251fa4 a{ color: #274e75; }

MyDiamo provides a comprehensive security solution with encryption, access control and auditing.

#fancy-title-5952c38252177 a{ color: #274e75; }
.page-section-5952c38251936 { padding:0px 0; background-attachment:scroll; background-attachment: scroll\9 !important; background-position:left top; background-repeat:repeat; } .page-section-5952c38251936 .alt-title span { } .page-section-5952c38251936.section-expandable-true:not(.active-toggle):hover .mk-section-color-mask { opacity:0.8 !important; } .page-section-5952c38251936 .expandable-section-trigger i { opacity:1; top:0 !important; }

Encryption

#fancy-title-5952c382529aa a{ color: #274e75; }
In order to enhance usability of open source DBMS encryption, we have focused on enabling encryption on the application level, and column-level with the following features.

  • Supported encryption algorithms: AES, AES256, TDES, BLOWFISH, BLOWFISH256, RC4, AESNI, AESNI256
  • Supported operation modes: CBC, CFB, CFB_BYTE, RC4
  • Supported Initial Vectors: Fixed IV, Variable IV
  • – Fixed IV: Each column has a different initial vector. If there are records that have the same value in a particular column, when the column is encrypted each record on that column will have the same encrypted value.
  • – Variable IV: Each record has a different initial vector. Even if records contain the same value in a particular column, when the column is encrypted each record will have a different encrypted value.

#fancy-title-5952c382532fe a{ color: #313131; }

  • Supported encryption types:
  • – char, varchar, varbinary, tinyint, smallint, mediumint, int, bigint, float, double, tinyblob, blob, mediumblob, longblob, tinytext, text, mediumtext, longtext

#fancy-title-5952c38253947 a{ color: #313131; }

  • Partial Encryption Supported Type: char, varchar, varbinary
  • Trigger column encryption
  • Default column encryption
  • Partial encryption
  • Masking
  • – The MyDiamo admin can set the result values for empty data, masking, error codes, and encrypted values when someone without decryption privileges attempts to view data.

#fancy-title-5952c38253fb1 a{ color: #313131; }

  • One way encryption (Keyed Hash):
  • – Based on SHA-256 algorithm and supports raw and base64 type encryption.

#fancy-title-5952c382545ed a{ color: #313131; }

  • Encryption key import and export
  • Encryption and decryption privilege management

#fancy-title-5952c38254776 a{ color: #313131; }
.page-section-5952c382523e2 { padding:0px 0; background-attachment:scroll; background-attachment: scroll\9 !important; background-position:left top; background-repeat:repeat; } .page-section-5952c382523e2 .alt-title span { } .page-section-5952c382523e2.section-expandable-true:not(.active-toggle):hover .mk-section-color-mask { opacity:0.8 !important; } .page-section-5952c382523e2 .expandable-section-trigger i { opacity:1; top:0 !important; }

Access Control and Auditing

#fancy-title-5952c38254f9a a{ color: #274e75; }
As well as database encryption, we have provided a comprehensive security software package by offering access control and auditing, so users can monitor who accesses data or policies.

  • Access control for encrypted columns (Per each IP address & DB user)
  • Audit log for encrypted columns
  • – Deny log: records permission deny counts
    – Access log: records access, encryption, and decryption counts for encrypted columns
    – Query log: records queries

#fancy-title-5952c3825579f a{ color: #313131; }

  • Audit log forgery prevention
  • – Includes hash logs for preventing forgery

#fancy-title-5952c38255940 a{ color: #313131; }

  • Security policy backup and restore

#fancy-title-5952c38255afc a{ color: #313131; }
.page-section-5952c38254a54 { padding:0px 0; background-attachment:scroll; background-attachment: scroll\9 !important; background-position:left top; background-repeat:repeat; } .page-section-5952c38254a54 .alt-title span { } .page-section-5952c38254a54.section-expandable-true:not(.active-toggle):hover .mk-section-color-mask { opacity:0.8 !important; } .page-section-5952c38254a54 .expandable-section-trigger i { opacity:1; top:0 !important; }

Performance

#fancy-title-5952c382562ff a{ color: #274e75; }
Out of concern that all encryption influences performance, we have continuously upgraded products to alleviate such concerns, and provide high quality performance information.

  • Performance improved by 22% when using AES-NI
  • Performance reduction of MyDiamo within DB measured by sysbench tool is 6.5%
  • – Tested on CentOS 7 64Bit/ 8Core/ 8GB Memory/ MySQL TDE 5.7.17/ Sysbench-0.5 OLTP Test Mode

#fancy-title-5952c38256b45 a{ color: #313131; }

  • Overall practical performance is influenced by less than 5%

#fancy-title-5952c38256cf1 a{ color: #313131; }
.page-section-5952c38255dbe { padding:0px 0; background-attachment:scroll; background-attachment: scroll\9 !important; background-position:left top; background-repeat:repeat; } .page-section-5952c38255dbe .alt-title span { } .page-section-5952c38255dbe.section-expandable-true:not(.active-toggle):hover .mk-section-color-mask { opacity:0.8 !important; } .page-section-5952c38255dbe .expandable-section-trigger i { opacity:1; top:0 !important; }