Abstract: Embodiments are described for a system comprising a first database server comprising a first master database and a first user database and a second database server comprising a second master database and a second user database. The first database server is configured to select one or more encryption keys from the first master database and the first user database; generate a database backup file based on data content of the first user database and the one or more encryption keys, wherein the data content is encrypted by at least one data encryption key of the one or more encryption keys. The first database server is further configured to encrypt the one or more encryption keys with asymmetric keys or passwords and transmit the database backup file to the second database server.

Abstract: In one embodiment, a method includes determining at least one characteristic of a plurality of ports on an individual basis. The plurality of ports are hosted by a target system and configured to send and receive data. The method also includes creating port groupings, each port grouping including one or more of the plurality of ports. Ports are grouped together in a single port grouping based on at least one shared characteristic of individual ports in the single port grouping. In addition, the method includes receiving, from an initiator port, a target discovery request at a target port of the plurality of ports. Also, the method includes determining which particular port grouping the target port belongs to. Moreover, the method includes sending information about all ports in the particular port grouping to the initiator port in response to receiving the target discovery request from the initiator port.

Abstract: Disclosed herein are system, method, and computer program product embodiments for securely performing a password change. An embodiment operates by receiving a password change request from a user. The password change request comprises an encrypted version of a new password for the user, a cleartext version of the new password, and a login name for the user. The embodiment then executes a command from a password rotator user account with the cleartext version of the new password, the encrypted version of the new password, and the login name. The embodiment then retrieves a public key associated with the login name. The embodiment then determines, based on the public key, that the password change request comes from the user and that the cleartext version of the new password has not been modified. The embodiment then sets the password of a user login associated with the user to the new password.

Abstract: Disclosed herein are various embodiments an SQL extension to source server operations for a key transfer system with authenticity, confidentiality, and integrity. An embodiment operates by receiving, at a source database server, a target public key generated by a target database server. At the source database server, a key pair including both a source public key and a source private key are generated. The source secret is encrypted as an encrypted secret using the received target public key generated by the target database. A digital signature is generated from the encrypted secret using the source private key. The digital signature, source public key, and encrypted secret are provided to the target database, wherein the target database is configured to verify the digital signature, and use the source public key to decrypt the encrypted secret, and access the encrypted data using the source secret.

Abstract: Disclosed herein are various embodiments an SQL extension to key transfer system with authenticity, confidentiality, and integrity. An embodiment operates by generating a key pair including both a target public key and a target private key. The target public key is provided to a source database server, wherein the source database server includes a source secret for unencrypting encrypted data accessible to the target database server. A source public key generated by the source database server and a digital signature signed with a source private key generated by is received from the source database server including an encrypted version of the source secret. The digital signature is verified as being valid. The encrypted version of the source secret is unencrypted using the target private key and the source secret is used to access the encrypted data.

Abstract: In one embodiment, a method includes determining at least one characteristic of a plurality of ports on an individual basis. The plurality of ports are hosted by a target system and configured to send and receive data. The method also includes creating port groupings, each port grouping including one or more of the plurality of ports. Ports are grouped together in a single port grouping based on at least one shared characteristic of individual ports in the single port grouping. In addition, the method includes receiving, from an initiator port, a target discovery request at a target port of the plurality of ports. Also, the method includes determining which particular port grouping the target port belongs to. Moreover, the method includes sending information about all ports in the particular port grouping to the initiator port in response to receiving the target discovery request from the initiator port.