1. Field of the Invention
The present invention relates to data security. More specifically, the present invention relates to a method and apparatus for expiring encrypted data.
2. Related Art
As computer systems store ever-larger amounts of sensitive data, it is becoming increasingly important to protect this sensitive data from unauthorized accesses. The global costs incurred from such security breaches can run into billions of dollars annually, and the cost to individual companies can be severe, sometimes catastrophic.
Database systems typically use encryption to protect data. Encryption keys are often stored in a secure key repository that resides outside the database system. Unfortunately, in such situations, key management (i.e. creation, updating, or deletion of keys) can be a difficult task. This is because, on the one hand, removing old keys before the associated encrypted data expires can result in loss of vital information. On the other hand, storing keys indefinitely can lead to storage and security concerns.
Hence, what is needed is a method and an apparatus for managing keys that does not have above mentioned problems.