CPC H04L 9/0833 (2013.01) [G06F 16/2379 (2019.01); H04L 9/0891 (2013.01)] | 20 Claims
1. One or more non-transitory computer-readable media storing computer-executable instructions that, when executed by a processor, perform a method for tenant-specific encryption of pre-existing data in connection with a database employing group-level encryption, the method comprising:
receiving an assignment of an encryption group identifier to a container, the encryption group identifier defining an encryption key for encrypting the container;
responsive to receiving the assignment, creating a special container entry corresponding to the container,
wherein the special container entry comprises a processing state, and
wherein the special container entry is initialized in an inactive state;
receiving a commit operation of the assignment of the encryption group identifier;
initializing a job for re-encrypting the container according to the encryption group identifier;
initiating a flush operation by which the container is re-encrypted using the encryption key and persisted to a data volume; and
deleting the special container entry upon completion of the flush operation.
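The sequence recited in claim 1, modelled in Python as an added example that is not taken from the patent. The class and method names, the in-memory dictionaries standing in for the data volume, the toy SHA-256 keystream cipher, and the "active" state set at commit are all assumptions made for illustration.

```python
import hashlib
from dataclasses import dataclass, field
def toy_cipher(key: bytes, data: bytes) -> bytes:
    """XOR with a SHA-256 counter keystream: a stand-in only, not a secure cipher."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)

@dataclass
class Database:  # hypothetical model; all names here are assumptions
    group_keys: dict                              # encryption group id -> key
    volume: dict = field(default_factory=dict)    # container -> (group id, ciphertext)
    special: dict = field(default_factory=dict)   # container -> special container entry
    jobs: list = field(default_factory=list)      # queued re-encryption jobs

    def persist(self, container, group, plaintext):
        self.volume[container] = (group, toy_cipher(self.group_keys[group], plaintext))
    def read(self, container):
        group, ciphertext = self.volume[container]
        return toy_cipher(self.group_keys[group], ciphertext)

    def assign_group(self, container, group):
        # Assignment received: create the special entry, initialised inactive.
        self.special[container] = {"group": group, "state": "inactive"}

    def commit(self, container):
        # Commit received: initialise the job. Marking the entry "active" is an assumption.
        self.special[container]["state"] = "active"
        self.jobs.append(container)

    def run_jobs(self):
        while self.jobs:
            container = self.jobs.pop(0)
            plaintext = self.read(container)      # decrypt under the old group key
            # Flush: re-encrypt under the new group's key and persist to the volume.
            self.persist(container, self.special[container]["group"], plaintext)
            del self.special[container]           # entry deleted once the flush completes

def demo():
    # Constructed sample: group 0 is a shared default key, group 7 a tenant key.
    db = Database({0: b"default-group-key", 7: b"tenant-7-key"})
    db.persist("orders", 0, b"pre-existing tenant rows")
    db.assign_group("orders", 7)
    state_before_commit = db.special["orders"]["state"]
    db.commit("orders")
    db.run_jobs()
    return db, state_before_commit
```

In this model a special entry that is still present marks a container whose re-encryption has not finished, which is the condition an operator would check before retiring the old group key.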