When you specify a column for encryption, you may use a named key from the same database, or from a different database. If you do not specify a named key, the column is automatically encrypted with the default key from the same database.
Encrypting with a key from a different database provides a distinct security advantage: if a single database dump is stolen, the thief obtains either the encrypted data or the keys, but not both. To read the data, an attacker needs both the database archive containing the data and the database archive containing the encryption keys. Administrators can also protect the two database dumps with different passwords, making unauthorized access even more difficult.
Encrypting with a key from a different database needs special care to avoid data and key integrity problems in distributed systems. Carefully coordinate database dumps and loads. If you use a named key from a different database, Sybase recommends that:
- When you dump the database containing encrypted columns, you also dump the database where the key was created. This is necessary if new keys have been added since the last dump.
- When you dump the database containing an encryption key, dump all databases containing columns encrypted with that key. This keeps the encrypted data in sync with the available keys.
The System Security Officer can identify all the columns encrypted with a given key using sp_encryption. See “sp_encryption”.
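As an added example (not from the Sybase manual), the following Transact-SQL shows the arrangement the text describes: the key lives in its own database, the column references it by its qualified name, and the two databases are dumped together with different passwords. The database, key, table and dump-file names are assumed, as is the argument form of sp_encryption.

```sql
-- Added example; database, key, table and dump paths are assumed names.
-- 1. Create the key in its own database (keydb), separate from the data.
use keydb
go
create encryption key cust_ssn_key
    for AES with keylength 256 init_vector random
go

-- 2. Encrypt the column in the data database (salesdb) with the
--    cross-database key, named as keydb.dbo.cust_ssn_key.
use salesdb
go
create table customer (
    cust_id  int       not null,
    ssn      char(11)  encrypt with keydb.dbo.cust_ssn_key
)
go

-- 3. Dump both databases in the same maintenance window, each with its
--    own password, so a stolen data dump is useless without the key dump
--    and the second password.
dump database keydb   to "/backups/keydb.dmp"   with passwd = "keydump-passwd"
go
dump database salesdb to "/backups/salesdb.dmp" with passwd = "datadump-passwd"
go

-- 4. Before dumping keydb on its own, list every column that depends on
--    its keys so the matching data databases are dumped as well
--    (sp_encryption argument form assumed).
use keydb
go
sp_encryption help, cust_ssn_key, display_cols
go
```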
Copyright © 2005. Sybase Inc. All rights reserved.