CPC G06F 16/2379 (2019.01) [G06F 16/2246 (2019.01); G06F 16/27 (2019.01); H04L 9/0643 (2013.01); H04L 9/0861 (2013.01); H04L 9/14 (2013.01); H04L 9/3242 (2013.01)] | 30 Claims |
1. A system comprising:
at least one hardware processor; and
a memory storing instructions that cause the at least one hardware processor to perform operations comprising:
determining a derived encryption key using a cryptographic hash function applied to a hybrid tenant master encryption key and a local random generated identifier;
encrypting a record value and a key value associated with a transaction using the derived encryption key;
determining a non-leaf node using a tenant prefix of a tenant;
inserting the encrypted record value at a leaf node below a non-leaf node of a tree structure associated with the tenant;
receiving a second transaction for performing a read operation on a distributed database, the second transaction associated with an account;
retrieving a set of encryption keys based at least in part on the account and the tenant;
decrypting, using the set of encryption keys, data from the distributed database; and
providing the decrypted data as a result of the second transaction.
|