What is Encryption at rest (EAR)?

Database stores data in its own format on the disk. While the data looks obscure to the humans, it can be de-obfuscated and altered with some effort. This poses a risk if malicious user has direct access to the disk, which can bypass the database ACL system to access and alter the data. EAR is the method to encrypt the data on disk (at rest) using an encryption key, which makes this attack impossible. Data is encrypted right before writing to the disk and decrypted right after reading from the disk.

External reference

Database schema migration and version control, Database CI/CD, and DevOps for developers and DBAs

Bytebase is an open source, web-based database schema change and version control tool for teams. It offers a web-based collaboration workspace to help DBAs and Developers manage the lifecycle of application database schemas.

  • MySQL
  • PostgreSQL
  • Snowflake
  • Oracle
  • SQL Server
  • MongoDB
  • Redis
  • Redshift
  • ClickHouse
  • TiDB
  • OceanBase
  • Spanner
  • MariaDB
  • GitLab
  • GitHub
  • Bitbucket
  • Azure DevOps
  • Terraform


Subscribe to Newsletter

By subscribing, you agree with Bytebase's Terms of Service and Privacy Policy.