我想做列级加密。例如:
--Create Master Key
USE EncryptTest
GO
CREATE MASTER KEY ENCRYPTION
BY PASSWORD = 'Test'
GO
--Create Server Cert
USE EncryptTest
GO
CREATE CERTIFICATE EncryptTestCert
WITH SUBJECT = 'Test'
GO
/* Create Symmetric Key */
USE EncryptTest
GO
CREATE SYMMETRIC KEY TestTableKey
WITH ALGORITHM = TRIPLE_DES ENCRYPTION
BY CERTIFICATE EncryptTestCert
GO
/* Encrypt the Column.*/
USE EncryptTest
GO
OPEN SYMMETRIC KEY TestTableKey DECRYPTION
BY CERTIFICATE EncryptTestCert
UPDATE TestTable
SET EncryptSecondCol = ENCRYPTBYKEY(KEY_GUID('TestTableKey'),SecondCol)
GO
--View encrypted
USE EncryptTest
GO
SELECT *
FROM TestTable
GO
但是,我的问题是如何备份证书或密钥?DBA(当然不是我)不小心删除了证书/密钥,使数据库安全,但无用。我提出这个问题是因为我看到了更多实际问题,即有人用粗手指弄乱了安全性,然后是实际的安全漏洞。