How to stop decrypting data after opening master key in SQL Server?

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP





.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty margin-bottom:0;







up vote
1
down vote

favorite












I have implemented data encryption using SQL Server symmetric key encryption technique using a certificate, master key with password.



When we backup database from PROD server and restore to a different server, we open the master key using OPEN MASTER KEY DECRYPTION BY PASSWORD = ''... statement.



Password for master key is being managed by a SQL admin.



After opening the master key, we are able to decrypt the column data using DecryptByKey function. However, once we have done some analysis, we want to stop decrypting the data. No developer should be able to decrypt the data after a while.



How to stop decrypting the data or close the master key so that no developer can see data in plain-text?










share|improve this question



























    up vote
    1
    down vote

    favorite












    I have implemented data encryption using SQL Server symmetric key encryption technique using a certificate, master key with password.



    When we backup database from PROD server and restore to a different server, we open the master key using OPEN MASTER KEY DECRYPTION BY PASSWORD = ''... statement.



    Password for master key is being managed by a SQL admin.



    After opening the master key, we are able to decrypt the column data using DecryptByKey function. However, once we have done some analysis, we want to stop decrypting the data. No developer should be able to decrypt the data after a while.



    How to stop decrypting the data or close the master key so that no developer can see data in plain-text?










    share|improve this question























      up vote
      1
      down vote

      favorite









      up vote
      1
      down vote

      favorite











      I have implemented data encryption using SQL Server symmetric key encryption technique using a certificate, master key with password.



      When we backup database from PROD server and restore to a different server, we open the master key using OPEN MASTER KEY DECRYPTION BY PASSWORD = ''... statement.



      Password for master key is being managed by a SQL admin.



      After opening the master key, we are able to decrypt the column data using DecryptByKey function. However, once we have done some analysis, we want to stop decrypting the data. No developer should be able to decrypt the data after a while.



      How to stop decrypting the data or close the master key so that no developer can see data in plain-text?










      share|improve this question













      I have implemented data encryption using SQL Server symmetric key encryption technique using a certificate, master key with password.



      When we backup database from PROD server and restore to a different server, we open the master key using OPEN MASTER KEY DECRYPTION BY PASSWORD = ''... statement.



      Password for master key is being managed by a SQL admin.



      After opening the master key, we are able to decrypt the column data using DecryptByKey function. However, once we have done some analysis, we want to stop decrypting the data. No developer should be able to decrypt the data after a while.



      How to stop decrypting the data or close the master key so that no developer can see data in plain-text?







      sql-server encryption symmetric-key






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked 3 hours ago









      Sri

      1399




      1399




















          1 Answer
          1






          active

          oldest

          votes

















          up vote
          3
          down vote













          The command you're looking for is CLOSE MASTER KEY;



          From docs.microsoft.com:




          This statement reverses the operation performed by OPEN MASTER KEY. CLOSE MASTER KEY only succeeds when the database master key was opened in the current session by using the OPEN MASTER KEY statement.







          share|improve this answer




















            Your Answer







            StackExchange.ready(function()
            var channelOptions =
            tags: "".split(" "),
            id: "182"
            ;
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function()
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled)
            StackExchange.using("snippets", function()
            createEditor();
            );

            else
            createEditor();

            );

            function createEditor()
            StackExchange.prepareEditor(
            heartbeatType: 'answer',
            convertImagesToLinks: false,
            noModals: false,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: null,
            bindNavPrevention: true,
            postfix: "",
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            );



            );













             

            draft saved


            draft discarded


















            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fdba.stackexchange.com%2fquestions%2f218568%2fhow-to-stop-decrypting-data-after-opening-master-key-in-sql-server%23new-answer', 'question_page');

            );

            Post as a guest






























            1 Answer
            1






            active

            oldest

            votes








            1 Answer
            1






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes








            up vote
            3
            down vote













            The command you're looking for is CLOSE MASTER KEY;



            From docs.microsoft.com:




            This statement reverses the operation performed by OPEN MASTER KEY. CLOSE MASTER KEY only succeeds when the database master key was opened in the current session by using the OPEN MASTER KEY statement.







            share|improve this answer
























              up vote
              3
              down vote













              The command you're looking for is CLOSE MASTER KEY;



              From docs.microsoft.com:




              This statement reverses the operation performed by OPEN MASTER KEY. CLOSE MASTER KEY only succeeds when the database master key was opened in the current session by using the OPEN MASTER KEY statement.







              share|improve this answer






















                up vote
                3
                down vote










                up vote
                3
                down vote









                The command you're looking for is CLOSE MASTER KEY;



                From docs.microsoft.com:




                This statement reverses the operation performed by OPEN MASTER KEY. CLOSE MASTER KEY only succeeds when the database master key was opened in the current session by using the OPEN MASTER KEY statement.







                share|improve this answer












                The command you're looking for is CLOSE MASTER KEY;



                From docs.microsoft.com:




                This statement reverses the operation performed by OPEN MASTER KEY. CLOSE MASTER KEY only succeeds when the database master key was opened in the current session by using the OPEN MASTER KEY statement.








                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered 3 hours ago









                AMtwo

                4,019824




                4,019824



























                     

                    draft saved


                    draft discarded















































                     


                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function ()
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fdba.stackexchange.com%2fquestions%2f218568%2fhow-to-stop-decrypting-data-after-opening-master-key-in-sql-server%23new-answer', 'question_page');

                    );

                    Post as a guest













































































                    Comments

                    Popular posts from this blog

                    What does second last employer means? [closed]

                    Installing NextGIS Connect into QGIS 3?

                    One-line joke