Skip to Content

Database Encryption ASE

Apr 16 at 04:12 PM


avatar image
Former Member


we have few Databases running in our environment sybase ASE 15.7 SP 138,

if there is a requirement to encrypt the data at rest, then what will be the complication to enable database encryption using TDE at database level blindly, whether any SQL code changed needed for that like in stored procs and all, i know its a licensed feature so need to buy license but in technical prospective do we have any other challenges or is it doable silently with no harm on performance and SQL code changes or any other issue need to consider, please help to list out bullet points.

10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

2 Answers

Daniel Thrall
May 30 at 04:38 PM

There are two different types of encryption that can be used in ASE. One is encrypted columns and the other is full database encryption.

The implementation of these are different and are used based on what your encryption requirements are.
Encrypted columns: (Available since 12.5.3)
-column level encryption
-used to hide or restrict access of sensitive data
-encrypted data at rest, for specified columns
-access must be defined for users in order to "see" the data, otherwise a default can be used.
Full Database Encryption: (Available in ASE 16.0 and up)
-Data is encrypted at rest
-Traditional grant permissions determine access to tables
-encrypted data access is transparent to the user and applications, no code changes needed.
-Is not used for "hiding" sensitive data like encrypted columns, it is for encrypting data at rest.

All the run-time database encryption/decryption is done internally and is transparent to the user or application.

I hope that helps show the differences between the two types of encryption.


Dan Thrall

10 |10000 characters needed characters left characters exceeded
Nitin Sadalgekar
May 30 at 06:06 PM


You might find more pointers in the latest documentation update at :

There is a section "Performance considerations" , that might be useful to you as well.

Hope that helps

10 |10000 characters needed characters left characters exceeded