April 10, 2010. Platinum and Gold Partners Data Encryption and Key Management in SQL Said Salomon...
-
Upload
william-french -
Category
Documents
-
view
215 -
download
0
Transcript of April 10, 2010. Platinum and Gold Partners Data Encryption and Key Management in SQL Said Salomon...
![Page 1: April 10, 2010. Platinum and Gold Partners Data Encryption and Key Management in SQL Said Salomon Database Administrator Unitrin Direct Insurance.](https://reader031.fdocuments.net/reader031/viewer/2022032805/56649ee45503460f94bf3bc4/html5/thumbnails/1.jpg)
PHILLY.NETCODE CAMP
2010.1
April 10, 2010
![Page 2: April 10, 2010. Platinum and Gold Partners Data Encryption and Key Management in SQL Said Salomon Database Administrator Unitrin Direct Insurance.](https://reader031.fdocuments.net/reader031/viewer/2022032805/56649ee45503460f94bf3bc4/html5/thumbnails/2.jpg)
Platinum and Gold Partners
![Page 3: April 10, 2010. Platinum and Gold Partners Data Encryption and Key Management in SQL Said Salomon Database Administrator Unitrin Direct Insurance.](https://reader031.fdocuments.net/reader031/viewer/2022032805/56649ee45503460f94bf3bc4/html5/thumbnails/3.jpg)
Data Encryption and Key Management in SQL
Said SalomonDatabase AdministratorUnitrin Direct Insurance
![Page 4: April 10, 2010. Platinum and Gold Partners Data Encryption and Key Management in SQL Said Salomon Database Administrator Unitrin Direct Insurance.](https://reader031.fdocuments.net/reader031/viewer/2022032805/56649ee45503460f94bf3bc4/html5/thumbnails/4.jpg)
Who am I?
I has over 25 year experience as an Information Technology Professional. He has a vast array of abilities in the field in the areas of Network, Desktop Support, DBA, Staff Project Management, Application Software Development, Business Analysis and Quality Assurance. I have Microsoft certifications as a MCTS, MCPS, and MCNPS, and multiple certifications from the Insurance Institute of America. Current Said is a DBA at Unitrin Direct Insurance.
![Page 5: April 10, 2010. Platinum and Gold Partners Data Encryption and Key Management in SQL Said Salomon Database Administrator Unitrin Direct Insurance.](https://reader031.fdocuments.net/reader031/viewer/2022032805/56649ee45503460f94bf3bc4/html5/thumbnails/5.jpg)
SQL Key Management Overview
![Page 6: April 10, 2010. Platinum and Gold Partners Data Encryption and Key Management in SQL Said Salomon Database Administrator Unitrin Direct Insurance.](https://reader031.fdocuments.net/reader031/viewer/2022032805/56649ee45503460f94bf3bc4/html5/thumbnails/6.jpg)
2008 Key Management Overview
![Page 7: April 10, 2010. Platinum and Gold Partners Data Encryption and Key Management in SQL Said Salomon Database Administrator Unitrin Direct Insurance.](https://reader031.fdocuments.net/reader031/viewer/2022032805/56649ee45503460f94bf3bc4/html5/thumbnails/7.jpg)
Service Master Key
One per server instance Backup Restore Alter Is automatically generated when needed There is not create command for
Service Master Key
![Page 8: April 10, 2010. Platinum and Gold Partners Data Encryption and Key Management in SQL Said Salomon Database Administrator Unitrin Direct Insurance.](https://reader031.fdocuments.net/reader031/viewer/2022032805/56649ee45503460f94bf3bc4/html5/thumbnails/8.jpg)
Database Master Key
One per database Is encrypted by the server master key
and the password used when created.
![Page 9: April 10, 2010. Platinum and Gold Partners Data Encryption and Key Management in SQL Said Salomon Database Administrator Unitrin Direct Insurance.](https://reader031.fdocuments.net/reader031/viewer/2022032805/56649ee45503460f94bf3bc4/html5/thumbnails/9.jpg)
Certificate
Can have as many as need Is encrypted by the database master key
as well as the password use on the certificate
![Page 10: April 10, 2010. Platinum and Gold Partners Data Encryption and Key Management in SQL Said Salomon Database Administrator Unitrin Direct Insurance.](https://reader031.fdocuments.net/reader031/viewer/2022032805/56649ee45503460f94bf3bc4/html5/thumbnails/10.jpg)
Asymmetric key
Why? Public key Private key No backup Poor performance (100 x)
![Page 11: April 10, 2010. Platinum and Gold Partners Data Encryption and Key Management in SQL Said Salomon Database Administrator Unitrin Direct Insurance.](https://reader031.fdocuments.net/reader031/viewer/2022032805/56649ee45503460f94bf3bc4/html5/thumbnails/11.jpg)
Symmetric key
Can have as many as needed Is encrypted by the Certificate or
Asymmetric key or Symmetric key or password
Algorithms DES | TRIPLE_DES | TRIPLE_DES_3KEY | RC2 | RC4 | RC4_128 | DESX | AES_128 | AES_192 | AES_256
No Backup
![Page 12: April 10, 2010. Platinum and Gold Partners Data Encryption and Key Management in SQL Said Salomon Database Administrator Unitrin Direct Insurance.](https://reader031.fdocuments.net/reader031/viewer/2022032805/56649ee45503460f94bf3bc4/html5/thumbnails/12.jpg)
Symmetric Functions
EncryptByKey DecryptByKey EncryptByPassPhrase DecryptByPassPhrase Key_ID Key_GUID
![Page 13: April 10, 2010. Platinum and Gold Partners Data Encryption and Key Management in SQL Said Salomon Database Administrator Unitrin Direct Insurance.](https://reader031.fdocuments.net/reader031/viewer/2022032805/56649ee45503460f94bf3bc4/html5/thumbnails/13.jpg)
Asymmetric Functions
EncryptByAsmKey DecryptByAsmKey EncryptByCert DecryptByCert Cert_ID AsymKey_ID CertProperty
![Page 14: April 10, 2010. Platinum and Gold Partners Data Encryption and Key Management in SQL Said Salomon Database Administrator Unitrin Direct Insurance.](https://reader031.fdocuments.net/reader031/viewer/2022032805/56649ee45503460f94bf3bc4/html5/thumbnails/14.jpg)
Demo
SQL Encryption Step-by-Step
![Page 15: April 10, 2010. Platinum and Gold Partners Data Encryption and Key Management in SQL Said Salomon Database Administrator Unitrin Direct Insurance.](https://reader031.fdocuments.net/reader031/viewer/2022032805/56649ee45503460f94bf3bc4/html5/thumbnails/15.jpg)
Backup Service Master Key BACKUP SERVICE MASTER KEY TO
FILE = 'path_to_file' ENCRYPTION BY PASSWORD = 'password'
![Page 16: April 10, 2010. Platinum and Gold Partners Data Encryption and Key Management in SQL Said Salomon Database Administrator Unitrin Direct Insurance.](https://reader031.fdocuments.net/reader031/viewer/2022032805/56649ee45503460f94bf3bc4/html5/thumbnails/16.jpg)
Restore Service Master Key RESTORE SERVICE MASTER KEY
FROM FILE = 'path_to_file' DECRYPTION BY PASSWORD = 'password' [FORCE]
![Page 17: April 10, 2010. Platinum and Gold Partners Data Encryption and Key Management in SQL Said Salomon Database Administrator Unitrin Direct Insurance.](https://reader031.fdocuments.net/reader031/viewer/2022032805/56649ee45503460f94bf3bc4/html5/thumbnails/17.jpg)
Create (Database) Master Key
CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'password'
![Page 18: April 10, 2010. Platinum and Gold Partners Data Encryption and Key Management in SQL Said Salomon Database Administrator Unitrin Direct Insurance.](https://reader031.fdocuments.net/reader031/viewer/2022032805/56649ee45503460f94bf3bc4/html5/thumbnails/18.jpg)
Backup (Database) Master Key
BACKUP MASTER KEY TO FILE = 'path_to_file' ENCRYPTION BY PASSWORD = 'password'
![Page 19: April 10, 2010. Platinum and Gold Partners Data Encryption and Key Management in SQL Said Salomon Database Administrator Unitrin Direct Insurance.](https://reader031.fdocuments.net/reader031/viewer/2022032805/56649ee45503460f94bf3bc4/html5/thumbnails/19.jpg)
Restore (Database) Master Key
RESTORE MASTER KEY FROM FILE = 'path_to_file' DECRYPTION BY PASSWORD = 'password' ENCRYPTION BY PASSWORD = 'password' [ FORCE ]
![Page 20: April 10, 2010. Platinum and Gold Partners Data Encryption and Key Management in SQL Said Salomon Database Administrator Unitrin Direct Insurance.](https://reader031.fdocuments.net/reader031/viewer/2022032805/56649ee45503460f94bf3bc4/html5/thumbnails/20.jpg)
Sharing a symmetric key
CREATE SYMMETRIC KEY test_aes128_keyWITH KEY_SOURCE = 'I am the very model of a modern major general', IDENTITY_VALUE = 'E pluribus unum', ALGORITHM = AES_128ENCRYPTION BY PASSWORD = 'p@$$w0rd';
![Page 21: April 10, 2010. Platinum and Gold Partners Data Encryption and Key Management in SQL Said Salomon Database Administrator Unitrin Direct Insurance.](https://reader031.fdocuments.net/reader031/viewer/2022032805/56649ee45503460f94bf3bc4/html5/thumbnails/21.jpg)
DemoTransparent Data Encryption (2008 only)
![Page 22: April 10, 2010. Platinum and Gold Partners Data Encryption and Key Management in SQL Said Salomon Database Administrator Unitrin Direct Insurance.](https://reader031.fdocuments.net/reader031/viewer/2022032805/56649ee45503460f94bf3bc4/html5/thumbnails/22.jpg)
Questions?
Please complete the online evaluation form
![Page 23: April 10, 2010. Platinum and Gold Partners Data Encryption and Key Management in SQL Said Salomon Database Administrator Unitrin Direct Insurance.](https://reader031.fdocuments.net/reader031/viewer/2022032805/56649ee45503460f94bf3bc4/html5/thumbnails/23.jpg)
Resources
SQL 2005 Symmetric Encryption By Michael Coles http://bit.ly/bFQsro
My web sitehttp://www.timelordshangout.com
My TwitterSaidSalomon