CHAPTER 34
Data Encryption
IN THIS CHAPTER
Introducing Data Encryption
Using the SQL Server Tools
Securing access to the table is usually sufficient (commonly called data protection in motion);
if not, securing the column suffices (commonly called data protection at rest). However, for
some information, such as Social Security numbers or secret government data, the
information's sensitivity warrants further security by encrypting the data stored in the database.
SQL Server 2012 can encrypt data inside SQL Server with passwords, keys, certificates, or
transparent data encryption in the Enterprise edition. All editions of SQL Server support data encryption.
What’s New with Encryption in SQL Server 2012
■ Transparent Data Encryption (in Enterprise only)
Introducing Data Encryption
Data encryption is the process of transforming information so that it becomes unreadable
to anyone except those who have a special key to decrypt the data. Without the key, the
data is impossible to unscramble.
Symmetric encryption uses one key to both encrypt and decrypt the sensitive data in the database.
The same key can encrypt and decrypt the messages, which is considered riskier because of the
encryption algorithm. This may not be a problem when encrypting and decrypting data inside SQL
Server.
Asymmetric encryption is considered more secure because the decryption key does not need to be
known to encrypt. This type of encryption has two keys: a private key, which is paired with a
second, public key. In other words, if I encrypt some data using my public key and you already have
my private key, then you can decrypt the data.
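The symmetric and asymmetric cases described above, shown side by side with SQL Server's built-in key functions. This is an added example, not code from the book; the key names, passwords, and sample value are constructed placeholders, and it assumes a scratch database in which you are allowed to create keys.

```sql
-- Added example: all names, passwords, and data below are constructed placeholders.

-- Symmetric: a single key, protected here by a password, encrypts and decrypts.
CREATE SYMMETRIC KEY DemoSymKey
    WITH ALGORITHM = AES_256
    ENCRYPTION BY PASSWORD = N'Placeholder-Sym-Passw0rd!';
GO
-- Asymmetric: an RSA key pair whose private half is protected by a password.
CREATE ASYMMETRIC KEY DemoAsymKey
    WITH ALGORITHM = RSA_2048
    ENCRYPTION BY PASSWORD = N'Placeholder-Asym-Passw0rd!';
GO

DECLARE @ssn nvarchar(11) = N'000-00-0000';   -- constructed sample value
DECLARE @symCipher varbinary(8000), @asymCipher varbinary(8000);

-- Symmetric encryption: the key must be opened (its secret supplied) first.
OPEN SYMMETRIC KEY DemoSymKey
    DECRYPTION BY PASSWORD = N'Placeholder-Sym-Passw0rd!';
SET @symCipher = EncryptByKey(Key_GUID('DemoSymKey'), @ssn);

-- Decryption uses the same open key.
SELECT CONVERT(nvarchar(11), DecryptByKey(@symCipher)) AS SymmetricRoundTrip;
CLOSE SYMMETRIC KEY DemoSymKey;

-- With the key closed, the ciphertext cannot be read: DecryptByKey returns NULL.
SELECT DecryptByKey(@symCipher) AS SymmetricWithoutKey;

-- Asymmetric encryption: only the public key is used, so no password is supplied.
SET @asymCipher = EncryptByAsymKey(AsymKey_ID('DemoAsymKey'), @ssn);

-- Decryption needs the private key, unlocked by its password.
SELECT CONVERT(nvarchar(11),
       DecryptByAsymKey(AsymKey_ID('DemoAsymKey'), @asymCipher,
                        N'Placeholder-Asym-Passw0rd!')) AS AsymmetricRoundTrip;
GO

-- Clean up the demonstration keys.
DROP SYMMETRIC KEY DemoSymKey;
DROP ASYMMETRIC KEY DemoAsymKey;
GO
```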