Skip to Content
avatar image
Former Member

Database Encryption ASE

Hi

we have few Databases running in our environment sybase ASE 15.7 SP 138,

if there is a requirement to encrypt the data at rest, then what will be the complication to enable database encryption using TDE at database level blindly, whether any SQL code changed needed for that like in stored procs and all, i know its a licensed feature so need to buy license but in technical prospective do we have any other challenges or is it doable silently with no harm on performance and SQL code changes or any other issue need to consider, please help to list out bullet points.

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

2 Answers

  • May 30 at 04:38 PM

    There are two different types of encryption that can be used in ASE. One is encrypted columns and the other is full database encryption.

    The implementation of these are different and are used based on what your encryption requirements are.
    Encrypted columns: (Available since 12.5.3)
    -column level encryption
    -used to hide or restrict access of sensitive data
    -encrypted data at rest, for specified columns
    -access must be defined for users in order to "see" the data, otherwise a default can be used.
    Full Database Encryption: (Available in ASE 16.0 and up)
    -Data is encrypted at rest
    -Traditional grant permissions determine access to tables
    -encrypted data access is transparent to the user and applications, no code changes needed.
    -Is not used for "hiding" sensitive data like encrypted columns, it is for encrypting data at rest.

    All the run-time database encryption/decryption is done internally and is transparent to the user or application.

    I hope that helps show the differences between the two types of encryption.

    Thanks

    Dan Thrall

    Add comment
    10|10000 characters needed characters exceeded

  • May 30 at 06:06 PM

    Hi

    You might find more pointers in the latest documentation update at : https://help.sap.com/doc/a613310dbc2b1014ade0f78b6ecb68ec/16.0.3.4/en-US/SAP_ASE_Database_Encryption_en.pdf

    There is a section "Performance considerations" , that might be useful to you as well.

    Hope that helps

    Add comment
    10|10000 characters needed characters exceeded