How to stop decrypting data after opening master key in SQL Server?
Clash Royale CLAN TAG#URR8PPP
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty margin-bottom:0;
up vote
1
down vote
favorite
I have implemented data encryption using SQL Server symmetric key encryption technique using a certificate, master key with password.
When we backup database from PROD server and restore to a different server, we open the master key using OPEN MASTER KEY DECRYPTION BY PASSWORD = ''... statement.
Password for master key is being managed by a SQL admin.
After opening the master key, we are able to decrypt the column data using DecryptByKey function. However, once we have done some analysis, we want to stop decrypting the data. No developer should be able to decrypt the data after a while.
How to stop decrypting the data or close the master key so that no developer can see data in plain-text?
sql-server encryption symmetric-key
add a comment |Â
up vote
1
down vote
favorite
I have implemented data encryption using SQL Server symmetric key encryption technique using a certificate, master key with password.
When we backup database from PROD server and restore to a different server, we open the master key using OPEN MASTER KEY DECRYPTION BY PASSWORD = ''... statement.
Password for master key is being managed by a SQL admin.
After opening the master key, we are able to decrypt the column data using DecryptByKey function. However, once we have done some analysis, we want to stop decrypting the data. No developer should be able to decrypt the data after a while.
How to stop decrypting the data or close the master key so that no developer can see data in plain-text?
sql-server encryption symmetric-key
add a comment |Â
up vote
1
down vote
favorite
up vote
1
down vote
favorite
I have implemented data encryption using SQL Server symmetric key encryption technique using a certificate, master key with password.
When we backup database from PROD server and restore to a different server, we open the master key using OPEN MASTER KEY DECRYPTION BY PASSWORD = ''... statement.
Password for master key is being managed by a SQL admin.
After opening the master key, we are able to decrypt the column data using DecryptByKey function. However, once we have done some analysis, we want to stop decrypting the data. No developer should be able to decrypt the data after a while.
How to stop decrypting the data or close the master key so that no developer can see data in plain-text?
sql-server encryption symmetric-key
I have implemented data encryption using SQL Server symmetric key encryption technique using a certificate, master key with password.
When we backup database from PROD server and restore to a different server, we open the master key using OPEN MASTER KEY DECRYPTION BY PASSWORD = ''... statement.
Password for master key is being managed by a SQL admin.
After opening the master key, we are able to decrypt the column data using DecryptByKey function. However, once we have done some analysis, we want to stop decrypting the data. No developer should be able to decrypt the data after a while.
How to stop decrypting the data or close the master key so that no developer can see data in plain-text?
sql-server encryption symmetric-key
sql-server encryption symmetric-key
asked 3 hours ago
Sri
1399
1399
add a comment |Â
add a comment |Â
1 Answer
1
active
oldest
votes
up vote
3
down vote
The command you're looking for is CLOSE MASTER KEY;
From docs.microsoft.com:
This statement reverses the operation performed by
OPEN MASTER KEY
.CLOSE MASTER KEY
only succeeds when the database master key was opened in the current session by using theOPEN MASTER KEY
statement.
add a comment |Â
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
3
down vote
The command you're looking for is CLOSE MASTER KEY;
From docs.microsoft.com:
This statement reverses the operation performed by
OPEN MASTER KEY
.CLOSE MASTER KEY
only succeeds when the database master key was opened in the current session by using theOPEN MASTER KEY
statement.
add a comment |Â
up vote
3
down vote
The command you're looking for is CLOSE MASTER KEY;
From docs.microsoft.com:
This statement reverses the operation performed by
OPEN MASTER KEY
.CLOSE MASTER KEY
only succeeds when the database master key was opened in the current session by using theOPEN MASTER KEY
statement.
add a comment |Â
up vote
3
down vote
up vote
3
down vote
The command you're looking for is CLOSE MASTER KEY;
From docs.microsoft.com:
This statement reverses the operation performed by
OPEN MASTER KEY
.CLOSE MASTER KEY
only succeeds when the database master key was opened in the current session by using theOPEN MASTER KEY
statement.
The command you're looking for is CLOSE MASTER KEY;
From docs.microsoft.com:
This statement reverses the operation performed by
OPEN MASTER KEY
.CLOSE MASTER KEY
only succeeds when the database master key was opened in the current session by using theOPEN MASTER KEY
statement.
answered 3 hours ago
AMtwo
4,019824
4,019824
add a comment |Â
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fdba.stackexchange.com%2fquestions%2f218568%2fhow-to-stop-decrypting-data-after-opening-master-key-in-sql-server%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password