Platinum Sponsor

Working with encrypted data in SQL Server

Encryption plays an important role in protecting data and preventing intrusion.  In this session we will look at the various places and methods of Encryption that exist inside SQL Server.

First, we will look at the types of encryption available in SQL Server.  These include Encryption by Pass Phrase, by Symmetric key, by Asymmetric key, by Certificate, by one-way-Hash and signing. During this we will be looking at the strength of the encryption and possible attacks such as whole-value substitution, brute force and Rainbow table attack.  Lastly, we will look at how SQL encryption differs from .Net (or other programming environments) and the pros and cons of each.

Following on from that will be a look at how the encryption hierarchy works to provide an impressive level of key protection.  We will be answering questions like what is a master key, how it is different to the service master key, and what does the service master key do.

We will be looking at System level encryption for system features such as TDS and credentials storage and services such as SSRS, SSIS, and DQS.  How and why do these services use encryption?  These features and services use SQL encryption inherently to protect the most sensitive of configuration
data.

Finally, we will look at ways of preparing for disaster recovery with encrypted data.  Encrypted
data is nothing more than random binary data with the keys and algorithms to decrypt it.  Thus, there is a critical need for effective key management and understanding of what is necessary to recover encrypted data in the event of a disaster.
Presented by Ryan Chapman at SQLBits XI
Tags (no tags)
  • Downloads
    Sorry, there are no downloads available for this session.
  • SpeakerBIO
    Ryan_Chapman.JPG

    I’m a talented multi-skilled IT professional with advanced skills in SQL server 2005/08 and 2012. I have many years experience in SQL design, administration, server consolidation and migration in large scale organisations. I have completed MCITP in database administration and development. My belief is that data is the critical element of an organisation and that a database must be effective, efficient and secure. I am an expert in information system holding a BSc(Hons) in computing and informatics. I currently work for an international organisation as their head DBA. My next aim is completion of MCSM  and to discuss a topic at SQLBits.

  • Video
    The video is not available to view online.
  • Session Files Explorer
    The network name cannot be found.