May 23, 2006 at 8:41 am
I can encrypt columns in SQL 2005 but where do I store the key to decrypt the columns?
I can store the key in the database (or server on which the database resides) but I think that offers little security. I could store the key on another server that the SQL Server accesses only upon startup (though I don't know exactly how to do that). Or I could store the key on a removable drive that is read (and only needed) when the SQL Server starts up.
What are your ideas on this matter?
TIA,
Bill
May 30, 2006 at 3:34 pm
Key escrow is a problem, like you describe. If you create the database master key it can handle the key escrow for you, however, there is the security trade-off you've mentioned. However, by doing the database master key, you've basically guaranteed that only the members of the sysadmin fixed server role can decrypt without proper security. This would still mean you'd need to export the database master key to a file and store it securely, but it does eliminate a lot of the escrow issues by going down this road.
K. Brian Kelley
@kbriankelley
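The key hierarchy discussed in this thread, written out as an added T-SQL example (not code from either poster): a database master key protects a certificate, the certificate protects the symmetric key used on the column, and the master key is exported to a password-protected file for off-server storage. The database, table, certificate and key names, the file path and the passwords are all hypothetical placeholders.

```sql
-- Added example; every object name, path and password here is a constructed placeholder.
USE SalesDemo;
GO

-- 1. Database master key (DMK). It is encrypted with this password and, by default,
--    also with the service master key, so the server can open it without a prompt.
CREATE MASTER KEY ENCRYPTION BY PASSWORD = '<dmk-password-placeholder>';
GO

-- 2. Certificate with no password clause: its private key is protected by the DMK.
CREATE CERTIFICATE CardCert WITH SUBJECT = 'Column encryption demo';
GO

-- 3. Symmetric key that encrypts the column data, protected by the certificate.
CREATE SYMMETRIC KEY CardKey
    WITH ALGORITHM = AES_256
    ENCRYPTION BY CERTIFICATE CardCert;
GO

-- 4. Encrypted column: ciphertext is stored as varbinary.
CREATE TABLE dbo.Customer (
    CustomerId    int PRIMARY KEY,
    CardNumberEnc varbinary(256) NOT NULL
);
GO

-- 5. Open the key, write and read one constructed value, then close the key.
OPEN SYMMETRIC KEY CardKey DECRYPTION BY CERTIFICATE CardCert;

INSERT INTO dbo.Customer (CustomerId, CardNumberEnc)
VALUES (1, EncryptByKey(Key_GUID('CardKey'), N'0000-0000-0000-0000'));

SELECT CustomerId,
       CONVERT(nvarchar(30), DecryptByKey(CardNumberEnc)) AS CardNumber
FROM dbo.Customer;

CLOSE SYMMETRIC KEY CardKey;
GO

-- 6. Export the DMK to a file protected by its own password. Move the file off the
--    database server (removable media, a separate secured host) and keep the
--    password somewhere other than alongside the file.
BACKUP MASTER KEY TO FILE = 'E:\escrow\SalesDemo_dmk.bak'
    ENCRYPTION BY PASSWORD = '<backup-password-placeholder>';
GO
```

Restoring on another server uses `RESTORE MASTER KEY FROM FILE` with the backup password, which is why the exported file and its password need to be stored separately.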