Hugo Kornelis (4/27/2012)
Interesting question, thanks Koen!
I had it wrong because, like Mohammed, I had to google - and I found this reference that appears to contradict the reference Koen used:
In an Integration Services package, the following information is defined as sensitive:
* Any variable that is marked as sensitive. The marking of variables is controlled by Integration Services.
Also, for the protection levels that use a password, Integration Services uses the Triple DES cipher algorithm with a key length of 192 bits, available in the .NET Framework Class Library (FCL).
Can anyone who knows more about SSIS than I do (i.e.: something) comment on this apparent contradiction?
Never read that MSDN article, but I can see why it leads to confusion.
My question is about the encryption used inside the database engine (SSISDB) to encrypt parameter values. This is a new feature in SQL 2012 and somewhat equivalent to the protection level ServerStorage.
The protection levels however specify how sensitive data (so not only parameter values, but for example passwords in connection strings) are encrypted and this has nothing to do with the SSISDB (protection levels are more a feature of the legacy deployment model). Protection levels can be enforced on packages stored on the filesystem by Integration Services, so it is no way coupled to the encryption inside the SSISDB.
But I understand the confusion 🙂