Abstract
In very high security situations laws, regulations and IT policies impose very strict prohibitions againststoring encryption keys in the same database (or even on the same physical device) as the datawhich it protects. To address this need, SQL Server 2008 provides an option known as extensible keymanagement (EKM). EKM allows you to create, store, manage, and access encryption keys on dedicated encryption appliances separate from your SQL Server databases. In this chapter, I will use the Luna SA hardware security module (HSM) provided by Safe Net to demonstrate EKM, although the concepts and tools apply to all SQL Server-enabled HSMs. SQL Server 2008 introduces new T-SQL statements, and new options for existing statements, designed to take advantage of EKM functionality. I’ll discuss these T-SQL language extensions in this chapter.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
