Help Center/ Database Security Service/ User Guide/ Database Security Encryption Management/ System administrator operation guide/ Service Test and Analysis
Updated on 2025-04-16 GMT+08:00
View PDF
Share

Service Test and Analysis

Before encryption, you are advised to test the database to check whether the SQL statements used in services can be used in the encryption environment. In this way, service errors that may be result from encryption can be eliminated, reducing service test costs. After data is encrypted, the data will be changed from Chinese characters, English letters, or numbers to hexadecimal strings. As a result, some SQL statements that can be executed before may fail to be executed after data encryption.

For example, fuzzy query of strings, calculation of values, and range search may fail.

Before encryption, analyze the SQL statements run by users to determine whether tables can be encrypted.

  • Abnormal SQL statements: SQL statements that cannot be parsed, for example, incorrect SQL statements or SQL statements that are too complex to be parsed.
  • Blocked SQL statements: SQL statements that are not supported by database encryption and access control.

Procedure

  1. Log in to a database encryption and access control instance as the sysadmin user.
  2. Create a service analysis task.

    1. In the navigation tree on the left, choose Service Test > Service Analysis.
    2. In the data source area on the left, click a data source.
      Figure 1 Selecting a data source
    3. Click Add Analysis Table, configure a table, and click OK.
      Figure 2 Adding a table
    4. Click the icon in the Start column of the table.
      Figure 3 Start

  3. Use the proxy address to access the database and run a SQL statement.

    1. Choose Asset Management > Data Source Management and obtain the proxy address.

      The IP address is that of database encryption and access control, and the proxy port is that configured when the data asset is added.

    2. Configure the access proxy address on the database tool and connect to the database.

      For details about the host and port number, see the preceding steps. Set the username and password based on site requirements. The following figure is only an example. Configure the proxy access connection based on the specific database tool.

      Figure 4 Configuring the proxy address
    3. Run an abnormal SQL statement on the database tool.

      For example, run the following statements:

      Table 1 Exception examples

      Type

      Statement

      Abnormal SQL statement

      select * fform table

      Blocked SQL statement

      RENAME TABLE sys_user to abc

  4. View the logs of the abnormal SQL statements on the web console.

    1. In the navigation tree on the left, choose Service Test > Service Analysis.
    2. In the data source area on the left, click a data source.
    3. Click Parse Exception SQL to view the abnormal SQL statements.
      Figure 5 Abnormal SQL statements

  5. On the web console, view the analysis results of blocked SQL statements.

    1. In the navigation tree on the left, choose Service Test > Service Analysis.
    2. In the data source area on the left, click a data source.
    3. You can view the number of abnormal records in the list.
      Figure 6 Viewing the number of blocked SQL statements
    4. Click View Log to view the records of blocked SQL statements.
      Figure 7 Viewing blocked SQL statements
    5. Click Analysis Report to view the encryption suggestions of the table.
      As shown in Figure 8, if you have renamed a database table, you are not advised to encrypt the table.
      Figure 8 Analysis and suggestions