Encryption Key management - Information required
I have a question related to encryption key management in SQLA. Suppose I have 100 sites where encrypted SQLA DB is running. All these encrypted DB is created at central location i.e. datacenter and are transferred/pushed to remote locations.
Q1. Where are the keys held ? How are they managed ? Are there any SAP tools available to manage encryption keys?
Q2. How do I access the Decryption securely ?
Q3. How do we protect the data so that in the wrong hands the 256bit encryption is unbreakable and more so, how do we ensure ‘wrong hands’ cannot access decryption keys?
+91 98450 91970
There may need to be further context shared for this inquiry.
As far as key management, this is typically done by the vendor of the software. For physical database encryption, the key is chosen at database creation time, and is further supplied to the database server during use with the -ek or -ep parameters. If the key is lost, the database can no longer be used.
Secure data access from a client can be done by requiring TLS from every connection.
There is also a separately licensed component for FIPS-certified encryption.
Hope this helps,