The create encryption key command supports the full database encryption feature.
The database encryption key is a 256-bit symmetric key that is created in the master database and used to encrypt a database.
create encryption key keyname [for algorithm] for database encryption [with {[master key] [key_length 256] [init_vector random] [[no] dual_control]}
create encryption key testkey for database encryption with master key
create encryption key testkey for database encryption with dual_control
create encryption key testkey for database encryption with master key dual_control
create encryption key testkey for database encryption with master key no dual_control
create encryption key testkey for database encryption with no dual control
sp_configure 'enable encrypted columns', 1 create encryption key master with passwd "testpassword" set encryption passwd 'testpassword' for key master create encryption key dbkey for database encryption
#define EK_DBENCKEY 0x1000
ANSI SQL – Compliance level: Transact-SQL extension.
Granular permissions enabled | SAP ASE creates a new permission called "manage database encryption key." You must have permission to create a database encryption key. |
Granular permissions disabled | You must be a user with sso_role, keycustodian_role, or have create encryption key privilege. |