SECURITY OF DATABASE CONTENTS USING TRANSPARENT DATA ENCRYPTION IN MICROSOFT SQL SERVER ENTERPRISE EDITION

Rashid Husain

Department of Computer Science

 Kebbi State University of Science and Technology, Aleiro, Kebbi State

Email: rashid65_its@yahoo.com

ABSTRACT

We can take several precautions to help secure the database such as designing a secure system, encrypting confidential assets, and building a firewall around the database servers. However, in a scenario where the physical media (such as drives or backup tapes) are stolen, a malicious party can just restore or attach the data base and browse the data. To protect against data thefts and frauds we require security solutions that are transparent by design. Transparent Data Encryption (TDE) provides transparent, standards based security that protects data on the network, on disk and on backup media. It is easy and effective protection of stored data by transparently encrypting data. TDE performs real-time I/O encryption and decryption of the data and log files. The encryption uses a data base encryption key (DEK), which is stored in the database boot record for availability during recovery. The DEK is a symmetric key secured by using a certificate stored in the master database of the server or an asymmetric key protected by an EKM module. TDE protects data ‘at rest’, meaning the data and log files. It provides the ability to comply with many laws, regulations, and guidelines established in various industries. The study deals with ways to create Master key, creation of certificate protected by the master key, creation of database master key and protection by the certificate and ways to set the database to use encryption in Microsoft SQL Server.