Help Center/ Database Security Service/ User Guide/ Database Security Encryption Management/ System administrator operation guide/ Sensitive Data Discovery/ Creating an Encrypted Task in the Result
Updated on 2025-04-29 GMT+08:00
View PDF
Share

Creating an Encrypted Task in the Result

You can create an encryption task based on the sensitive data discovery result. This section describes how to create an encryption task in the result.

Before configuring the encryption task, you are advised to perform a simulated encryption test to check whether any problem occurs during the process. Rectify the fault.

You can also create an encryption task in data encryption module. For details, see Configuring an Encryption Task.

Before the encryption, the data table information is plaintext information, as shown in Figure 1.
Figure 1 Query result before encryption

Prerequisites

Before creating an encrypted task, you have created a key.

Creating an Encryption Task

  1. Log in to a database encryption and access control instance as the sysadmin user.
  2. In the navigation tree on the left, choose Sensitive Data Discovery > Sensitive Data Scan.
  3. On the scan task list page, locate the target data asset and click View.
  4. On the scan result page, locate the target database table and click Add Encryption Task.
  5. In the displayed dialog box, set encryption information. Table 1 describes the configuration information.

    Table 1 Adding an encrypted task

    Parameter

    Description

    Data Source

    Name of a data asset.

    Schema

    Name of the schema of the asset.

    Table

    Name of the table of an asset.

    Encryption Algorithm

    Select an encryption algorithm from the drop-down list box.

    You can view the supported algorithm types on the Checking the Encryption Algorithm page.

    Verification Algorithm

    Select a verification algorithm from the drop-down list.

    The verification algorithm is used to verify the integrity of important data. You can view the supported algorithm types on the Checking the Encryption Algorithm page.

    Batch Size

    The amount of data processed by each batch of encryption task.

    Number of Threads

    Number of threads occupied by the encryption task.

    Start Task

    If this parameter is selected, the task is automatically started after being created.
    Figure 2 Adding an encrypted task

  6. Click the Encryption List tab, select columns to be encrypted, and set whether to enable fuzzy search.

    After encryption, fuzzy search cannot be performed by default. If the following conditions are met, select Enable Fuzzy Search. Fuzzy search supports % and _.
    • The ciphertext is encoded in hexadecimal format and does not support BASE64 encoding. For details, see Setting Encryption Parameters.
    • The field is of the string type (varchar). Other types are not supported.
    Figure 3 Selecting encrypted column

  7. Click Initialize Table to initialize the data table.
  8. Click Complete.

Upgrade Verification

  1. After the encryption task is created, choose Data Encryption > Encryption Task Management to view and manage the new task.
  2. The encryption task is automatically removed after inventory data is encrypted. In this case, the task is removed, but the system continues to encrypt data.

    Figure 4 Full encryption mode

  3. Query the database table again. The query result is encrypted data, as shown in Figure 5.

    Figure 5 Encrypted data

Parent topic: Sensitive Data Discovery