US 12,443,728 B2
Restricting data access to target databases
Felix Beier, Haigerloch (DE); Eirini Kalogeiton, Stuttgart (DE); Vassil Radkov Dimov, Stuttgart (DE); Jens Müller, Stuttgart (DE); and Johannes Severin Kern, Boeblingen (DE)
Assigned to International Business Machines Corporation, Armonk, NY (US)
Filed by INTERNATIONAL BUSINESS MACHINES CORPORATION, Armonk, NY (US)
Filed on Jun. 26, 2023, as Appl. No. 18/341,241.
Prior Publication US 2024/0427909 A1, Dec. 26, 2024
Int. Cl. G06F 21/60 (2013.01)
CPC G06F 21/602 (2013.01)
17 Claims
 
1. A computer-implemented method for performing data synchronization between a source database management system, comprising a trusted source database, and a target database management system, comprising a target database, comprising an untrusted target data store and a trusted target data store, the method comprising:
upon the source database management system performing an update to an object in the trusted source database, wherein the update to the object relates to an object change, sending the object change to a trusted data replication engine;
generating, at the trusted data replication engine, a new encryption key for the object change, wherein the new encryption key replaces a previous key in a key ring store;
encrypting the object change with the new encryption key;
sending the encrypted object change together with the new encryption key to the target database management system;
upon receiving the encrypted object change and the new encryption key the target database management system, replacing the previous key in its trusted data store key ring with the new encryption key;
and
integrating the encrypted object change in encrypted form into the untrusted target data store.
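
The steps of claim 1 traced end to end, as an added sketch that is not code from the patent or its assignee: a fresh key per object change, replacement of the previous key on both sides, and ciphertext-only storage in the untrusted target store. Assumptions: the key ring holds one current key per object id, the `read` path and all class and function names are hypothetical, and the cipher is a standard-library stand-in (HMAC-SHA256 keystream with encrypt-then-MAC) where a real system would use a vetted AEAD such as AES-GCM.

```python
import hashlib, hmac, secrets

def _stream(key, nonce, n):
    # Stand-in keystream (HMAC-SHA256 in counter mode); not a production cipher.
    blocks = (hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def _tag(key, nonce, ct):
    return hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()

def seal(key, plaintext):
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _stream(key, nonce, len(plaintext))))
    return nonce + ct + _tag(key, nonce, ct)

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _tag(key, nonce, ct)):
        raise ValueError("wrong key or modified ciphertext")
    return bytes(c ^ k for c, k in zip(ct, _stream(key, nonce, len(ct))))

class ReplicationEngine:  # trusted data replication engine
    def __init__(self):
        self.key_ring = {}  # assumption: one current key per object id

    def on_update(self, obj_id, change):
        key = secrets.token_bytes(32)          # new key for this object change
        self.key_ring[obj_id] = key            # replaces the previous key
        return obj_id, seal(key, change), key  # message sent to the target DBMS

class TargetDBMS:
    def __init__(self):
        self.trusted_key_ring = {}  # trusted target data store
        self.untrusted_store = {}   # untrusted target data store, ciphertext only

    def apply(self, obj_id, blob, key):
        self.trusted_key_ring[obj_id] = key  # previous key is replaced
        self.untrusted_store[obj_id] = blob  # integrated without decrypting

    def read(self, obj_id):  # hypothetical read path through the trusted side
        return unseal(self.trusted_key_ring[obj_id], self.untrusted_store[obj_id])

def demo():  # constructed sample data: two successive changes to one object
    engine, target = ReplicationEngine(), TargetDBMS()
    first = engine.on_update("row:42", b"balance=100")
    target.apply(*first)
    target.apply(*engine.on_update("row:42", b"balance=250"))
    return target.read("row:42"), first[2], target.untrusted_store["row:42"]
```

`demo()` returns the current plaintext, the superseded key and the stored blob; calling `unseal` on that blob with the superseded key raises `ValueError`, which is the effect of the key replacement on a copy of the untrusted store.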