![]() The one part that is SQL Server related is the EKM provider's DLL file, which is created on the server. I won't go into details on the HSM's setup, partly because I don't know everything involved, but more so that it's mostly out of the realm of SQL Server and DBA land. The device requires a number of USB keys to access to access it - similar to what you would imagine what it would be like accessing a nuclear control panel. There is quite a bit of work in setting up these HSM devices. Such devices are called High Security Modules (HSM), whose vendors are referred to as EKM providers. Extensible Key Management (EKM) is another new feature that gives SQL Server the ability to store the encryption key used for TDE on hardware specifically design for key security and management. The database backups will also be encrypted. ![]() With TDE turned on for a database, SQL Server 2008 encrypts the data when writing it to disk and decrypts it when reading from disk into cache. Transparent Database Encryption (TDE) is a new feature of SQL Server 2008. Recently, I was tasked to setup SQL Server 2008's new features of Transparent Database Encryption (TDE) and Extensible Key Management (EKM).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |