zoukankan      html  css  js  c++  java
  • sql server_TED(透明数据加密)

    一,加密过程

    (1)切换到master下:

    use master;

    (2)根据一段自定义密码创建主密钥:
    CREATE MASTER KEY ENCRYPTION BY PASSWORD = '密码';

    (3)创建主密钥证书,主题任意填:
    CREATE CERTIFICATE 证书名 WITH SUBJECT = '测试主题';

    (4)切换到要加密的库下:

    use 用户数据库;

    (5)根据加密算法和证书创建数据库密钥:
    CREATE DATABASE ENCRYPTION KEY WITH ALGORITHM = AES_128 ENCRYPTION BY SERVER CERTIFICATE 证书名;

    (6)开启该库的加密状态:
    ALTER DATABASE 用户数据库 SET ENCRYPTION ON;

    ------------------------------------------------------------------

    二,备份和还原

    (1)备份主密钥在指定目录中:
    BACKUP MASTER KEY TO FILE = 'd:storedkeysweifangmasterkey' ENCRYPTION BY PASSWORD = '密码'

    (2)备份证书:
    BACKUP CERTIFICATE 证书名 TO FILE = 'd:storedcertsweifangsdjslcert'; :


    (3)还原master key:

    use master
    RESTORE MASTER KEY FROM FILE = 'd:storedkeysweifangmasterkey'
    DECRYPTION BY PASSWORD = '密码'
    ENCRYPTION BY PASSWORD = '密码';

    --因为我这里还留有原来的证书,所以会提示如下信息:
    --The old and new master keys are identical. No data re-encryption is required.

    (4)还原证书
    CREATE CERTIFICATE 证书名
    FROM FILE = 'd:storedcertssdjslcert'
    GO
    --因为证书已经存在,所以提示如下信息:
    --A certificate with name 'MyServerCert2' already exists or this certificate already has been added to the database.
    --需要注意的是证书并不是按照证书名来区分的。我原来的证书名叫做MyServerCert,此处创建的证书名为MyServerCert2,但是是来自MyServerCert的一个备份,还是报错。

  • 相关阅读:
    Swing 添加Esc快捷键退出程序
    DefaultTableCellRenderer 自定义
    项目清理和删除svn信息(转)
    时间转换工具类
    Java Swing 日期控件(转载)
    Eureka原理
    SpringCloud之Eureka注册中心集群篇
    spring boot及spring cloud介绍
    spring cloud 服务注册/发现/提供/调用 demo
    eclipse构建maven+scala+spark工程
  • 原文地址:https://www.cnblogs.com/sunyt/p/4259571.html
Copyright © 2011-2022 走看看