SlideShare a Scribd company logo

Transparent Data Encryption

J
John Magnabosco

These slides are from the presentation in Indianapolis at IndyPASS, February 2009.

Technology
1 of 15
A n I n t r o d u c t i o n To Presented By John Magnabosco Database Consultant/Solution Architect – SolutionAvenue President/Co-Founder - Indianapolis Professional Association for SQL Server Coordinator/Co-Founder – IndyTechFest E-Mail: john_magnabosco@live.com
Today’s Presentation 1. What is TDE? 2. Key Architecture of TDE 3. How to Implement TDE 4. Backup Considerations with TDE 5. Restore with TDE 6. Interesting Tid-Bits of TDE An Introduction To
What is Transparent Data Encryption (TDE)? • A new feature of SQL Server 2008 Enterprise Edition • Encrypts of physical files of a database • Designed to protect “data at rest” • Does not require explicit opening/closing of keys • No schema modifications required to implement An Introduction To
Plain Text In The Backup File An Introduction To
Key Architecture of TDE SQL Server Instance Master Database User Database Service Master Key Database Master Key Database Encryption Key Certificate Physical Database Files An Introduction To
How To Implement TDE • Backup the unencrypted user database • Create a Database Master Key in the Master database • Create a Certificate in the Master database • Create a Database Encryption Key in the user database • Set Encryption to ON in the user database • Backup Keys, Certificate and user database An Introduction To
How To Implement TDE Demonstration… An Introduction To
An Introduction To
Backup of TDE Databases • Backup user database • Backup Service Master Key • Backup Database Master Key in Master database • Backup Certificate in Master database • Database Encryption Key is backed up with database • Store backup of db and keys in separate locations An Introduction To
Restore of TDE Databases • Restore Service Master Key if needed • Restore Database Master Key in Master database • Alter DMK’s “Encrypted By” to Service Master Key • Restore Certificate in Master database • Restore the user database An Introduction To
Backup and Restore of TDE Database Demonstration… An Introduction To
Interesting Tid-Bits • TempDB is also encrypted • Transaction log is advanced to next virtual log • TDE must be enabled on the publisher and subscriber • Compression is not recommended with TDE • Full-Text Indexes not recommended with TDE • Both databases used in mirroring will be encrypted An Introduction To
In Summary • TDE encrypts physical files of a database • Designed to protect “data at rest” • The Database Encryption Key is used with TDE • Implementation includes the MASTER database • Backup the keys separately from the database(s) • TempDB is encrypted with TDE is implemented An Introduction To
Transparent Data Encryption Questions… An Introduction To
Additional TDE Resources: MSDN: Understanding TDE (Article) http://msdn.microsoft.com/en-us/library/bb934049.aspx My Blog: Check out my series on TDE http://www.simple-talk.com/community/blogs/johnm/default.aspx Additional General Encryption Resources: MSDN: SQL Server Encryption http://msdn.microsoft.com/en-us/library/bb510663.aspx Have More Questions? My E-Mail: john_magnabosco@live.com An Introduction To

Recommended

Oracle Transparent Data Encryption (TDE) 12c
Oracle Transparent Data Encryption (TDE) 12cOracle Transparent Data Encryption (TDE) 12c
Oracle Transparent Data Encryption (TDE) 12cNabeel Yoosuf
 
Column Level Encryption in Microsoft SQL Server
Column Level Encryption in Microsoft SQL ServerColumn Level Encryption in Microsoft SQL Server
Column Level Encryption in Microsoft SQL ServerBehnam Mohammadi
 
Transparent Data Encryption for SharePoint Content Databases
Transparent Data Encryption for SharePoint Content DatabasesTransparent Data Encryption for SharePoint Content Databases
Transparent Data Encryption for SharePoint Content DatabasesMichael Noel
 
Sql Server Performance Tuning
Sql Server Performance TuningSql Server Performance Tuning
Sql Server Performance TuningBala Subra
 
Database backup & recovery
Database backup & recoveryDatabase backup & recovery
Database backup & recoveryMustafa Khan
 
Oracle Security Presentation
Oracle Security PresentationOracle Security Presentation
Oracle Security PresentationFrancisco Alvarez
 
Webinars - Introducción Oracle Data Masking and Subsetting Pack
Webinars - Introducción Oracle Data Masking and Subsetting PackWebinars - Introducción Oracle Data Masking and Subsetting Pack
Webinars - Introducción Oracle Data Masking and Subsetting Packavanttic Consultoría Tecnológica
 
Database backup and recovery basics
Database backup and recovery basicsDatabase backup and recovery basics
Database backup and recovery basicsShahed Mohamed
 

Recommended

Oracle Transparent Data Encryption (TDE) 12c
Oracle Transparent Data Encryption (TDE) 12cOracle Transparent Data Encryption (TDE) 12c
Oracle Transparent Data Encryption (TDE) 12cNabeel Yoosuf
 
Column Level Encryption in Microsoft SQL Server
Column Level Encryption in Microsoft SQL ServerColumn Level Encryption in Microsoft SQL Server
Column Level Encryption in Microsoft SQL ServerBehnam Mohammadi
 
Transparent Data Encryption for SharePoint Content Databases
Transparent Data Encryption for SharePoint Content DatabasesTransparent Data Encryption for SharePoint Content Databases
Transparent Data Encryption for SharePoint Content DatabasesMichael Noel
 
Sql Server Performance Tuning
Sql Server Performance TuningSql Server Performance Tuning
Sql Server Performance TuningBala Subra
 
Database backup & recovery
Database backup & recoveryDatabase backup & recovery
Database backup & recoveryMustafa Khan
 
Oracle Security Presentation
Oracle Security PresentationOracle Security Presentation
Oracle Security PresentationFrancisco Alvarez
 
Webinars - Introducción Oracle Data Masking and Subsetting Pack
Webinars - Introducción Oracle Data Masking and Subsetting PackWebinars - Introducción Oracle Data Masking and Subsetting Pack
Webinars - Introducción Oracle Data Masking and Subsetting Packavanttic Consultoría Tecnológica
 
Database backup and recovery basics
Database backup and recovery basicsDatabase backup and recovery basics
Database backup and recovery basicsShahed Mohamed
 
Always encrypted overview
Always encrypted overviewAlways encrypted overview
Always encrypted overviewSolidQ
 
Row-level security and Dynamic Data Masking
Row-level security and Dynamic Data MaskingRow-level security and Dynamic Data Masking
Row-level security and Dynamic Data MaskingSolidQ
 
Oracle Key Vault Overview
Oracle Key Vault OverviewOracle Key Vault Overview
Oracle Key Vault OverviewTroy Kitch
 
Database performance tuning and query optimization
Database performance tuning and query optimizationDatabase performance tuning and query optimization
Database performance tuning and query optimizationDhani Ahmad
 
SQL Server Performance Tuning Baseline
SQL Server Performance Tuning BaselineSQL Server Performance Tuning Baseline
SQL Server Performance Tuning Baseline► Supreme Mandal ◄
 
Lakehouse in Azure
Lakehouse in AzureLakehouse in Azure
Lakehouse in AzureSergio Zenatti Filho
 
Data Lake Overview
Data Lake OverviewData Lake Overview
Data Lake OverviewJames Serra
 
Database storage engines
Database storage enginesDatabase storage engines
Database storage enginesUniversity of Sindh, Jamshoro
 
Oracle GoldenGate 21c New Features and Best Practices
Oracle GoldenGate 21c New Features and Best PracticesOracle GoldenGate 21c New Features and Best Practices
Oracle GoldenGate 21c New Features and Best PracticesBobby Curtis
 
Exadata master series_asm_2020
Exadata master series_asm_2020Exadata master series_asm_2020
Exadata master series_asm_2020Anil Nair
 
Topic 4 database recovery
Topic 4 database recoveryTopic 4 database recovery
Topic 4 database recoveryacap paei
 
MySQL Architecture and Engine
MySQL Architecture and EngineMySQL Architecture and Engine
MySQL Architecture and EngineAbdul Manaf
 
Backup strategy plan
Backup strategy planBackup strategy plan
Backup strategy planINFOCHIEF institute
 
SQL Server Wait Types Everyone Should Know
SQL Server Wait Types Everyone Should KnowSQL Server Wait Types Everyone Should Know
SQL Server Wait Types Everyone Should KnowDean Richards
 
Oracle Key Vault Data Subsetting and Masking
Oracle Key Vault Data Subsetting and MaskingOracle Key Vault Data Subsetting and Masking
Oracle Key Vault Data Subsetting and MaskingDLT Solutions
 
What’s New in Oracle Database 19c - Part 1
What’s New in Oracle Database 19c - Part 1What’s New in Oracle Database 19c - Part 1
What’s New in Oracle Database 19c - Part 1Satishbabu Gunukula
 
Oracle Data Masking
Oracle Data MaskingOracle Data Masking
Oracle Data MaskingInprise Group
 
Understanding and controlling transaction logs
Understanding and controlling transaction logsUnderstanding and controlling transaction logs
Understanding and controlling transaction logsRed Gate Software
 
Sql server 2019 new features
Sql server 2019 new featuresSql server 2019 new features
Sql server 2019 new featuresGeorge Walters
 
Database security issues
Database security issuesDatabase security issues
Database security issuesn|u - The Open Security Community
 
[db tech showcase Tokyo 2015] D25:The difference between logical and physical...
[db tech showcase Tokyo 2015] D25:The difference between logical and physical...[db tech showcase Tokyo 2015] D25:The difference between logical and physical...
[db tech showcase Tokyo 2015] D25:The difference between logical and physical...Insight Technology, Inc.
 
Protecting Your SharePoint Content Databases using SQL Transparent Data Encry...
Protecting Your SharePoint Content Databases using SQL Transparent Data Encry...Protecting Your SharePoint Content Databases using SQL Transparent Data Encry...
Protecting Your SharePoint Content Databases using SQL Transparent Data Encry...Michael Noel
 

More Related Content

What's hot

Always encrypted overview
Always encrypted overviewAlways encrypted overview
Always encrypted overviewSolidQ
 
Row-level security and Dynamic Data Masking
Row-level security and Dynamic Data MaskingRow-level security and Dynamic Data Masking
Row-level security and Dynamic Data MaskingSolidQ
 
Oracle Key Vault Overview
Oracle Key Vault OverviewOracle Key Vault Overview
Oracle Key Vault OverviewTroy Kitch
 
Database performance tuning and query optimization
Database performance tuning and query optimizationDatabase performance tuning and query optimization
Database performance tuning and query optimizationDhani Ahmad
 
SQL Server Performance Tuning Baseline
SQL Server Performance Tuning BaselineSQL Server Performance Tuning Baseline
SQL Server Performance Tuning Baseline► Supreme Mandal ◄
 
Data Lake Overview
Data Lake OverviewData Lake Overview
Data Lake OverviewJames Serra
 
Oracle GoldenGate 21c New Features and Best Practices
Oracle GoldenGate 21c New Features and Best PracticesOracle GoldenGate 21c New Features and Best Practices
Oracle GoldenGate 21c New Features and Best PracticesBobby Curtis
 
Exadata master series_asm_2020
Exadata master series_asm_2020Exadata master series_asm_2020
Exadata master series_asm_2020Anil Nair
 
Topic 4 database recovery
Topic 4 database recoveryTopic 4 database recovery
Topic 4 database recoveryacap paei
 
MySQL Architecture and Engine
MySQL Architecture and EngineMySQL Architecture and Engine
MySQL Architecture and EngineAbdul Manaf
 
SQL Server Wait Types Everyone Should Know
SQL Server Wait Types Everyone Should KnowSQL Server Wait Types Everyone Should Know
SQL Server Wait Types Everyone Should KnowDean Richards
 
Oracle Key Vault Data Subsetting and Masking
Oracle Key Vault Data Subsetting and MaskingOracle Key Vault Data Subsetting and Masking
Oracle Key Vault Data Subsetting and MaskingDLT Solutions
 
What’s New in Oracle Database 19c - Part 1
What’s New in Oracle Database 19c - Part 1What’s New in Oracle Database 19c - Part 1
What’s New in Oracle Database 19c - Part 1Satishbabu Gunukula
 
Understanding and controlling transaction logs
Understanding and controlling transaction logsUnderstanding and controlling transaction logs
Understanding and controlling transaction logsRed Gate Software
 
Sql server 2019 new features
Sql server 2019 new featuresSql server 2019 new features
Sql server 2019 new featuresGeorge Walters
 

What's hot (20)

Always encrypted overview
Always encrypted overviewAlways encrypted overview
Always encrypted overview
 
Row-level security and Dynamic Data Masking
Row-level security and Dynamic Data MaskingRow-level security and Dynamic Data Masking
Row-level security and Dynamic Data Masking
 
Oracle Key Vault Overview
Oracle Key Vault OverviewOracle Key Vault Overview
Oracle Key Vault Overview
 
Database performance tuning and query optimization
Database performance tuning and query optimizationDatabase performance tuning and query optimization
Database performance tuning and query optimization
 
SQL Server Performance Tuning Baseline
SQL Server Performance Tuning BaselineSQL Server Performance Tuning Baseline
SQL Server Performance Tuning Baseline
 
Lakehouse in Azure
Lakehouse in AzureLakehouse in Azure
Lakehouse in Azure
 
Data Lake Overview
Data Lake OverviewData Lake Overview
Data Lake Overview
 
Database storage engines
Database storage enginesDatabase storage engines
Database storage engines
 
Oracle GoldenGate 21c New Features and Best Practices
Oracle GoldenGate 21c New Features and Best PracticesOracle GoldenGate 21c New Features and Best Practices
Oracle GoldenGate 21c New Features and Best Practices
 
Exadata master series_asm_2020
Exadata master series_asm_2020Exadata master series_asm_2020
Exadata master series_asm_2020
 
Topic 4 database recovery
Topic 4 database recoveryTopic 4 database recovery
Topic 4 database recovery
 
MySQL Architecture and Engine
MySQL Architecture and EngineMySQL Architecture and Engine
MySQL Architecture and Engine
 
Backup strategy plan
Backup strategy planBackup strategy plan
Backup strategy plan
 
SQL Server Wait Types Everyone Should Know
SQL Server Wait Types Everyone Should KnowSQL Server Wait Types Everyone Should Know
SQL Server Wait Types Everyone Should Know
 
Oracle Key Vault Data Subsetting and Masking
Oracle Key Vault Data Subsetting and MaskingOracle Key Vault Data Subsetting and Masking
Oracle Key Vault Data Subsetting and Masking
 
What’s New in Oracle Database 19c - Part 1
What’s New in Oracle Database 19c - Part 1What’s New in Oracle Database 19c - Part 1
What’s New in Oracle Database 19c - Part 1
 
Oracle Data Masking
Oracle Data MaskingOracle Data Masking
Oracle Data Masking
 
Understanding and controlling transaction logs
Understanding and controlling transaction logsUnderstanding and controlling transaction logs
Understanding and controlling transaction logs
 
Sql server 2019 new features
Sql server 2019 new featuresSql server 2019 new features
Sql server 2019 new features
 
Database security issues
Database security issuesDatabase security issues
Database security issues
 

Similar to Transparent Data Encryption

[db tech showcase Tokyo 2015] D25:The difference between logical and physical...
[db tech showcase Tokyo 2015] D25:The difference between logical and physical...[db tech showcase Tokyo 2015] D25:The difference between logical and physical...
[db tech showcase Tokyo 2015] D25:The difference between logical and physical...Insight Technology, Inc.
 
Protecting Your SharePoint Content Databases using SQL Transparent Data Encry...
Protecting Your SharePoint Content Databases using SQL Transparent Data Encry...Protecting Your SharePoint Content Databases using SQL Transparent Data Encry...
Protecting Your SharePoint Content Databases using SQL Transparent Data Encry...Michael Noel
 
ECMDay2015 - Kent Agerlund – Configuration Manager 2012 – A Site Review
ECMDay2015 - Kent Agerlund – Configuration Manager 2012 – A Site ReviewECMDay2015 - Kent Agerlund – Configuration Manager 2012 – A Site Review
ECMDay2015 - Kent Agerlund – Configuration Manager 2012 – A Site ReviewKenny Buntinx
 
The Spy Who Loathed Me - An Intro to SQL Server Security
The Spy Who Loathed Me - An Intro to SQL Server SecurityThe Spy Who Loathed Me - An Intro to SQL Server Security
The Spy Who Loathed Me - An Intro to SQL Server SecurityChris Bell
 
Geek Sync | How to Be the DBA When You Don't Have a DBA - Eric Cobb | IDERA
Geek Sync | How to Be the DBA When You Don't Have a DBA - Eric Cobb | IDERAGeek Sync | How to Be the DBA When You Don't Have a DBA - Eric Cobb | IDERA
Geek Sync | How to Be the DBA When You Don't Have a DBA - Eric Cobb | IDERAIDERA Software
 
Oracle Performance Tuning Fundamentals
Oracle Performance Tuning FundamentalsOracle Performance Tuning Fundamentals
Oracle Performance Tuning FundamentalsCarlos Sierra
 
How Teradata uses Stacki
How Teradata uses StackiHow Teradata uses Stacki
How Teradata uses StackiStackIQ
 
Self Service Analytics enabled by Data Virtualization from Denodo
Self Service Analytics enabled by Data Virtualization from DenodoSelf Service Analytics enabled by Data Virtualization from Denodo
Self Service Analytics enabled by Data Virtualization from DenodoDenodo
 
Database Provisioning in EM12c: Provision me a Database Now!
Database Provisioning in EM12c: Provision me a Database Now!Database Provisioning in EM12c: Provision me a Database Now!
Database Provisioning in EM12c: Provision me a Database Now!Maaz Anjum
 
Selecting And Protecting The Right Sharepoint Backup Targets Sps Michigan
Selecting And Protecting The Right Sharepoint Backup Targets Sps MichiganSelecting And Protecting The Right Sharepoint Backup Targets Sps Michigan
Selecting And Protecting The Right Sharepoint Backup Targets Sps MichiganChristopher Bunn
 
1. SQL Server forSharePoint geeksA gentle introductionThomas Vochten • Septem...
1. SQL Server forSharePoint geeksA gentle introductionThomas Vochten • Septem...1. SQL Server forSharePoint geeksA gentle introductionThomas Vochten • Septem...
1. SQL Server forSharePoint geeksA gentle introductionThomas Vochten • Septem...BIWUG
 
database backup and recovery
database backup and recoverydatabase backup and recovery
database backup and recoverysdrhr
 
Should I move my database to the cloud?
Should I move my database to the cloud?Should I move my database to the cloud?
Should I move my database to the cloud?James Serra
 
Sterling for Windows Phone 7
Sterling for Windows Phone 7Sterling for Windows Phone 7
Sterling for Windows Phone 7Jeremy Likness
 
Pass chapter meeting dec 2013 - compression a hidden gem for io heavy databas...
Pass chapter meeting dec 2013 - compression a hidden gem for io heavy databas...Pass chapter meeting dec 2013 - compression a hidden gem for io heavy databas...
Pass chapter meeting dec 2013 - compression a hidden gem for io heavy databas...Charley Hanania
 
Hadoop as a data hub featuring sears
Hadoop as a data hub featuring searsHadoop as a data hub featuring sears
Hadoop as a data hub featuring searsDianna Doan
 
Are the Native SQL Server Backup Utilities Holding You Back?
Are the Native SQL Server Backup Utilities Holding You Back?Are the Native SQL Server Backup Utilities Holding You Back?
Are the Native SQL Server Backup Utilities Holding You Back?SQLDBApros
 
Product Keynote: Advancing Denodo’s Logical Data Fabric with AI and Advanced ...
Product Keynote: Advancing Denodo’s Logical Data Fabric with AI and Advanced ...Product Keynote: Advancing Denodo’s Logical Data Fabric with AI and Advanced ...
Product Keynote: Advancing Denodo’s Logical Data Fabric with AI and Advanced ...Denodo
 
NA14G05 - A DB2 DBAs Guide to pureScale.pdf
NA14G05 - A DB2 DBAs Guide to pureScale.pdfNA14G05 - A DB2 DBAs Guide to pureScale.pdf
NA14G05 - A DB2 DBAs Guide to pureScale.pdfsunildupakuntla
 

Similar to Transparent Data Encryption (20)

[db tech showcase Tokyo 2015] D25:The difference between logical and physical...
[db tech showcase Tokyo 2015] D25:The difference between logical and physical...[db tech showcase Tokyo 2015] D25:The difference between logical and physical...
[db tech showcase Tokyo 2015] D25:The difference between logical and physical...
 
Protecting Your SharePoint Content Databases using SQL Transparent Data Encry...
Protecting Your SharePoint Content Databases using SQL Transparent Data Encry...Protecting Your SharePoint Content Databases using SQL Transparent Data Encry...
Protecting Your SharePoint Content Databases using SQL Transparent Data Encry...
 
ECMDay2015 - Kent Agerlund – Configuration Manager 2012 – A Site Review
ECMDay2015 - Kent Agerlund – Configuration Manager 2012 – A Site ReviewECMDay2015 - Kent Agerlund – Configuration Manager 2012 – A Site Review
ECMDay2015 - Kent Agerlund – Configuration Manager 2012 – A Site Review
 
The Spy Who Loathed Me - An Intro to SQL Server Security
The Spy Who Loathed Me - An Intro to SQL Server SecurityThe Spy Who Loathed Me - An Intro to SQL Server Security
The Spy Who Loathed Me - An Intro to SQL Server Security
 
Geek Sync | How to Be the DBA When You Don't Have a DBA - Eric Cobb | IDERA
Geek Sync | How to Be the DBA When You Don't Have a DBA - Eric Cobb | IDERAGeek Sync | How to Be the DBA When You Don't Have a DBA - Eric Cobb | IDERA
Geek Sync | How to Be the DBA When You Don't Have a DBA - Eric Cobb | IDERA
 
Oracle Performance Tuning Fundamentals
Oracle Performance Tuning FundamentalsOracle Performance Tuning Fundamentals
Oracle Performance Tuning Fundamentals
 
How Teradata uses Stacki
How Teradata uses StackiHow Teradata uses Stacki
How Teradata uses Stacki
 
Self Service Analytics enabled by Data Virtualization from Denodo
Self Service Analytics enabled by Data Virtualization from DenodoSelf Service Analytics enabled by Data Virtualization from Denodo
Self Service Analytics enabled by Data Virtualization from Denodo
 
Database Provisioning in EM12c: Provision me a Database Now!
Database Provisioning in EM12c: Provision me a Database Now!Database Provisioning in EM12c: Provision me a Database Now!
Database Provisioning in EM12c: Provision me a Database Now!
 
Selecting And Protecting The Right Sharepoint Backup Targets Sps Michigan
Selecting And Protecting The Right Sharepoint Backup Targets Sps MichiganSelecting And Protecting The Right Sharepoint Backup Targets Sps Michigan
Selecting And Protecting The Right Sharepoint Backup Targets Sps Michigan
 
1. SQL Server forSharePoint geeksA gentle introductionThomas Vochten • Septem...
1. SQL Server forSharePoint geeksA gentle introductionThomas Vochten • Septem...1. SQL Server forSharePoint geeksA gentle introductionThomas Vochten • Septem...
1. SQL Server forSharePoint geeksA gentle introductionThomas Vochten • Septem...
 
database backup and recovery
database backup and recoverydatabase backup and recovery
database backup and recovery
 
Should I move my database to the cloud?
Should I move my database to the cloud?Should I move my database to the cloud?
Should I move my database to the cloud?
 
Sterling for Windows Phone 7
Sterling for Windows Phone 7Sterling for Windows Phone 7
Sterling for Windows Phone 7
 
Pass chapter meeting dec 2013 - compression a hidden gem for io heavy databas...
Pass chapter meeting dec 2013 - compression a hidden gem for io heavy databas...Pass chapter meeting dec 2013 - compression a hidden gem for io heavy databas...
Pass chapter meeting dec 2013 - compression a hidden gem for io heavy databas...
 
Hadoop as a data hub featuring sears
Hadoop as a data hub featuring searsHadoop as a data hub featuring sears
Hadoop as a data hub featuring sears
 
Are the Native SQL Server Backup Utilities Holding You Back?
Are the Native SQL Server Backup Utilities Holding You Back?Are the Native SQL Server Backup Utilities Holding You Back?
Are the Native SQL Server Backup Utilities Holding You Back?
 
Managing Your TempDb
Managing Your TempDbManaging Your TempDb
Managing Your TempDb
 
Product Keynote: Advancing Denodo’s Logical Data Fabric with AI and Advanced ...
Product Keynote: Advancing Denodo’s Logical Data Fabric with AI and Advanced ...Product Keynote: Advancing Denodo’s Logical Data Fabric with AI and Advanced ...
Product Keynote: Advancing Denodo’s Logical Data Fabric with AI and Advanced ...
 
NA14G05 - A DB2 DBAs Guide to pureScale.pdf
NA14G05 - A DB2 DBAs Guide to pureScale.pdfNA14G05 - A DB2 DBAs Guide to pureScale.pdf
NA14G05 - A DB2 DBAs Guide to pureScale.pdf
 

Recently uploaded

DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 

Recently uploaded (20)

DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 

Transparent Data Encryption

  • 1. A n I n t r o d u c t i o n To Presented By John Magnabosco Database Consultant/Solution Architect – SolutionAvenue President/Co-Founder - Indianapolis Professional Association for SQL Server Coordinator/Co-Founder – IndyTechFest E-Mail: john_magnabosco@live.com
  • 2. Today’s Presentation 1. What is TDE? 2. Key Architecture of TDE 3. How to Implement TDE 4. Backup Considerations with TDE 5. Restore with TDE 6. Interesting Tid-Bits of TDE An Introduction To
  • 3. What is Transparent Data Encryption (TDE)? • A new feature of SQL Server 2008 Enterprise Edition • Encrypts of physical files of a database • Designed to protect “data at rest” • Does not require explicit opening/closing of keys • No schema modifications required to implement An Introduction To
  • 4. Plain Text In The Backup File An Introduction To
  • 5. Key Architecture of TDE SQL Server Instance Master Database User Database Service Master Key Database Master Key Database Encryption Key Certificate Physical Database Files An Introduction To
  • 6. How To Implement TDE • Backup the unencrypted user database • Create a Database Master Key in the Master database • Create a Certificate in the Master database • Create a Database Encryption Key in the user database • Set Encryption to ON in the user database • Backup Keys, Certificate and user database An Introduction To
  • 7. How To Implement TDE Demonstration… An Introduction To
  • 9. Backup of TDE Databases • Backup user database • Backup Service Master Key • Backup Database Master Key in Master database • Backup Certificate in Master database • Database Encryption Key is backed up with database • Store backup of db and keys in separate locations An Introduction To
  • 10. Restore of TDE Databases • Restore Service Master Key if needed • Restore Database Master Key in Master database • Alter DMK’s “Encrypted By” to Service Master Key • Restore Certificate in Master database • Restore the user database An Introduction To
  • 11. Backup and Restore of TDE Database Demonstration… An Introduction To
  • 12. Interesting Tid-Bits • TempDB is also encrypted • Transaction log is advanced to next virtual log • TDE must be enabled on the publisher and subscriber • Compression is not recommended with TDE • Full-Text Indexes not recommended with TDE • Both databases used in mirroring will be encrypted An Introduction To
  • 13. In Summary • TDE encrypts physical files of a database • Designed to protect “data at rest” • The Database Encryption Key is used with TDE • Implementation includes the MASTER database • Backup the keys separately from the database(s) • TempDB is encrypted with TDE is implemented An Introduction To
  • 14. Transparent Data Encryption Questions… An Introduction To
  • 15. Additional TDE Resources: MSDN: Understanding TDE (Article) http://msdn.microsoft.com/en-us/library/bb934049.aspx My Blog: Check out my series on TDE http://www.simple-talk.com/community/blogs/johnm/default.aspx Additional General Encryption Resources: MSDN: SQL Server Encryption http://msdn.microsoft.com/en-us/library/bb510663.aspx Have More Questions? My E-Mail: john_magnabosco@live.com An Introduction To