摘要 |
PROBLEM TO BE SOLVED: To update an encryption key without stopping services to be provided.SOLUTION: An encryption key update system comprises: a plurality of application servers (hereinafter referred to as AP server) 1002, 1003 for executing applications; a database 1004 for storing data used in common by each AP server; a distribution processing control apparatus 1005 for sorting processing to each AP server; and a control server 1001 for sequentially updating the key by each AP server. In each AP server, data is encrypted with a first encryption key used in common by each AP server to generate a first ciphertext to be stored in the database. The first ciphertext read from the database is decrypted with the first encryption key to reproduce the data. The first encryption key is encrypted with a second encryption key for each AP server to create a second ciphertext to be stored. The stored second ciphertext is decrypted with the second encryption key to reproduce the first encryption key. The second encryption key is updated. |