Database-Level Master and Dual Master Keys

SAP ASE allows users to create database-level encryption keys called the master key and the dual master key. These keys both act as key encryption keys, and are used to protect other keys, such as column and database encryption keys, and service keys.

The master key and the dual master key must have different owners. You can provide passwords for the master keys using either isql, or through a server-private file that is accessible only by the SAP ASE. The passwords to these keys are not stored in the database.

• Creating the Master and Dual Master Keys
  Once created, master keys become the default protection method for encryption keys. A dual master key is required only for dual control of column and database encryption keys.
• Setting Passwords for the Master and Dual Master Keys
  The base key owner, or a user who owns a regular key copy, can set the password for the master and dual master keys. Passwords must be set before master keys can be used.
• Altering Passwords and Key Encryption Keys for Master Key Copies
  Users who own master key copies can change the passwords for their key copies.
• Regenerate Master Keys
  Periodically change the master and dual master keys. However, each time you change the master and dual master keys, you must also reencrypt all column and database encryption keys using the new master and dual master keys.
• Dropping Master Keys and Key Copies
  A user with sso_role or keycustodian_role can drop a master or dual master key provided that there are no other column or database encryption keys that are currently encrypted using that master or dual master key.
• Recovering the Master Key and Dual Master Key
  A user with sso_role or keycustodian_role can recover the master or dual master key.
• Starting SAP ASE in Unattended Start-Up mode
  Use unattended start-up mode to allow access to the master keys when the password holders are unavailable.