Database Reference
In-Depth Information
-- Finally let us turn ON the encryption for the
AdventureWorks2008R2 database
ALTER DATABASE AdventureWorks2008R2
SET ENCRYPTION ON
GO
5.
To obtain basic information on the database encryption information, run the
following query:
--Obtain the encryption status for databases
SELECT * FROM sys.dm_database_encryption_keys ;
GO
6.
The previous mentioned query returns the database encryption state value; 2 means
the encryption has begun and 3 indicates that the encryption has been completed. In
addition to the encryption state, the value key algorithm and key length information is
also displayed.
7.
The different values for encryption_state are as follows:
0 = No database encryption key present, no encryption
1 = Unencrypted
2 = Encryption in progress
3 = Encrypted
4 = Key change in progress
5 = Decryption in progress
6 = Protection change in progress (The certificate or asymmetric key that is
encrypting the database encryption key is being changed)
8.
As we have completed the database encryption tasks, it is essential to perform
the backup of the certificate, private key, and master key for the server using the
following TSQL statements:
--Steps to Backup certificate, Private key and master key
--Master key
BACKUP MASTER KEY TO FILE = 'D:\SampleDBz\ServerMasterKey'
ENCRYPTION BY PASSWORD = 'Op3n$esame'
--Certificate and private key
BACKUP CERTIFICATE DBIA_DBEncryptCertificate TO FILE = 'D:\
SampleDbz\DBEncryptCertPrivateKey'
WITH PRIVATE KEY ( FILE = 'D:\SampleDBz\DBEncryptCertPrivateKey',
ENCRYPTION BY PASSWORD = 'Op3n$esame')
This completes the process of designing and implementing transparent data encryption on an
existing database without making any changes to client applications.
 
Search WWH ::




Custom Search