Abstract
In very high security situations laws, regulations and IT policies impose very strict prohibitions againststoring encryption keys in the same database (or even on the same physical device) as the datawhich it protects. To address this need, SQL Server 2008 provides an option known as extensible keymanagement (EKM). EKM allows you to create, store, manage, and access encryption keys on dedicated encryption appliances separate from your SQL Server databases. In this chapter, I will use the Luna SA hardware security module (HSM) provided by Safe Net to demonstrate EKM, although the concepts and tools apply to all SQL Server-enabled HSMs. SQL Server 2008 introduces new T-SQL statements, and new options for existing statements, designed to take advantage of EKM functionality. I’ll discuss these T-SQL language extensions in this chapter.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
