Re: Encrypting Data using SQL Server 2005
- From: "Mike C#" <xyz@xxxxxxx>
- Date: Thu, 8 Nov 2007 21:27:32 -0500
"Greg Larsen" <gregalarsen@xxxxxxxxxxxxxxxx> wrote in message
news:1DB4AD7C-69C7-4BD8-B48F-8166CD35DABE@xxxxxxxxxxxxxxxx
Can't seem to see those attachments. But I think from your reply you
confirmed what I was saying.
Now what I wonder is why are you encrypting a symmetric key with another
symmetric key. What exactly does this accomplish?
It provides layered protection for your keys. You can theoretically replace
any key in the mid- to upper-levels of your key hierarchy and only need to
decrypt and re-encrypt the keys it protects, until you reach the
bottom-level keys. The result is that you can theoretically change
intermediate and top-level keys on very often with very little effect on
your server or processes, and you can change bottom-level keys much less
often.
Of course if you change the bottom-level keys you have to decrypt and
re-encrypt all your protected data, which can be a resource-intensive
operation.
.
- References:
- Encrypting Data using SQL Server 2005
- From: Greg Larsen
- Re: Encrypting Data using SQL Server 2005
- From: Kent Tegels
- Re: Encrypting Data using SQL Server 2005
- From: Greg Larsen
- Re: Encrypting Data using SQL Server 2005
- From: Kent Tegels
- Encrypting Data using SQL Server 2005
- Prev by Date: guideline for service account user
- Next by Date: Re: deny users from accessing server from Management Studio
- Previous by thread: Re: Encrypting Data using SQL Server 2005
- Next by thread: Re: Error: 18488
- Index(es):
Relevant Pages
|
|
