| 摘要 |
Method comprising: in response to receiving a first command specifying first data, first cryptographic key, and column identifier of a column (field, attribute) 330 of rows (individual entry, tuple, record) in table 235 of a database 220, the first data is encrypted using the cryptographic key. The encrypted data is stored to a first row in the column. Characterization data 242 (bitmap, hash, checksum) is also created specifying valid contents of the column of rows. In response to receiving a query command specifying a second cryptographic key and the column 330, the column is decrypted using the second key to create decrypted data. If decrypted data does not satisfy the valid contents specified by the characterization data, an invalid cryptographic key action is performed. Characterisation data comprises one occurrence of each character present in the column of rows and a range of the valid contents of the column of rows. |
