Securing Your Data With Actian Vector, Part 4

This fourth blog post in the series explains how an existing encrypted database is upgraded from an older version of Actian Vector to Actian Vector 7.0.

Upgrading an Encrypted Database

When upgrading databases from older versions to Actian Vector 7.0, the internal changes to equip them with a “main key” and appropriate derived keys are, of course, handled automatically. For encrypted databases, this includes preserving their already existing database key because it continues to serve for encrypting and decrypting the data.

When using the in-place upgrade method with the “upgradedb” utility, encrypted databases need to be unlocked during the upgrade procedure. Otherwise, the “upgradedb” utility cannot connect to the locked database to perform the upgrade. These five  steps upgrade an encrypted database:

1. After installation and start-up of Actian Vector 7.0, an existing encrypted database is locked and not yet upgraded. Therefore, it is not possible to connect directly to the database to unlock it.
2. Connect to database “iidbdb”. The “iidbdb” database is upgraded automatically during the startup of the new Version 7.0.
3. In the session connected to “iibdb”, temporarily unlock the encrypted database for the upgrade. Run the statement:ENABLE PASSPHRASE ‘<pass phrase>’ ON DATABASE <name_of_encrypted_database>;
4. With the encrypted database temporarily unlocked, it is now possible to run the utility “upgradedb” for this database.
5. After running “upgradedb” for the encrypted database, it is necessary to unlock this database again via a direct connection. Use the Terminal Monitor “sql” with the commandline option “-no_x100” to connect directly to the encrypted database. In this session run the statement:ENABLE PASSPHRASE ‘<pass phrase>’;This last step persists the preservation of the already existing database key.

For more details on securing data with Actian Vector, find out how to:

• Ensure data security with encryption at rest, and how Actian Vector’s Database Encryption functionality implements it.
• Enable data security function-based encryption in Actian Vector.
• Use different encryption keys in Actian Vector.

Trusted Security in Every Upgrade

Upgrading to Actian Vector 7.0 doesn’t mean compromising encryption. The process ensures that existing database keys are preserved, while new key structures are applied automatically. By following a few essential steps, organizations can confidently upgrade their Actian Vector database without disrupting data security or accessibility.

About Martin Fuerderer

Martin Fuerderer is a Principal Software Engineer for HCLSoftware, with 25+ years in database server development. His recent focus has been on security features within database environments, ensuring compliance and robust data protection. Martin has contributed to major product releases and frequently collaborates with peers to refine database security standards. On the Actian blog, Martin shares insights on secure database server development and best practices. Check his latest posts for guidance on safeguarding enterprise data.