I have 2 (DB1,DB2) databases in SQL Azure.
DB1.Customer
DB2.Customer
Each has column called Surname which is column encrypted.
I want to insert records from DB1.Customer to DB2.Customer. I initially tried a Data Compare tool, but it omitted the encrypted column ie "Surname". Is my only way to do this, is to decrypt "Surname", recompare, insert data, re-encrypt "Surname" column for both DBs, or is there another way to avoid decryption.
I have also tried:
1) SSMS / Tasks/ Generate Scripts / Advanced / Data only but the encrypted data is shown as "binary" in the SQL.
Thanks in advance.
I think this is refer to Migrate Sensitive Data Protected by Always Encrypted.
The following table shows the recommended settings appropriate for several migration scenarios.
Hope this helps.
Related
I would like to ask about encryption M.S SQL Server 2016.
I have applied encryption on database production long time, but a few months later
It show status not encrypted.
What happen to it?
Note
Table sys.dm_database_encryption_keys" no database in this table
Table sys.certificates" have certificate name
Table sys.databases" have database name in this table
Thank you so much for your kindly help.
We are looking for a solution to implement "always encrypted" columns in a database, where we are using at the same time many SQL temporary tables (#tmp).
We explored the alternate path - stop using #temp tables, but this would mean a high impact on our app in terms of time/cost.
Did anyone find a way to write queries like "insert into #tmp select from my_table", where my_table contains AE columns?
I tried applying the same CMK and CEK to the tempdb database, so that I can create the same structure for the #tmp table, as the structure of my_table.
This doesn't solve the problem though - having the tables in 2 different databases seems to prevent the data transfer.
I'm looking for an SQL solution, and not for a solution which involves a client app (C#, vb, etc.) which has access to all the encryption keys.
Insert operations in the manner you are describing are not supported for encrypted columns.
"insert into #tmp select from my_table"
You will have to write a client app to achieve a similar result. If you want to explore that path, please leave a comment and I can guide you.
You should be able to achieve something similar in C# as follows.
Do select * from encryptedTable to load the data in a SqlDataReader then use SqlBulkCopy to load it to the temp table using SqlBulkCopy.WriteToServer(IDataReader) Method
If you have the encrypted table and the plaintext table on the same SQL Server instance, then be aware that you might to leaking information to SQL Server admin, because they can examine the plaintext data and corresponding ciphertext
Is there a way I can encrypt an existing column in a SQL Server table without changing any other systems which uses this column? I am on SQL Server 2005.
I guess it's possible in Oracle like this (after enabling Transparent Data Encryption)
ALTER TABLE employees
MODIFY (salary ENCRYPT USING '3DES168');
You can encrypt the data using PHP functions or any other scripting library functions and store them in the MySQL database. I hope this helps.
I am a newbie in SQL so please bear with me. I am hoping you can help/guide me. I have a table on 5 MS SQL Servers that have identical Columns and I want to consolidate the data into a separate table/separate MS SQL Server.
the challenge is that I only have "Read Only Permission" from the source table (5 MS SQL Servers) but I have permission to create a table on the destination MS SQL Server DB.
another challenge is I wan to truncate or extract parts of the txt in one column of the source table and save them into different columns on the destination table.
Next challenge is for the destination table to query once a day the source table for any update.
See screenshot by clicking either of the URL.
Screenshot URL1
Screenshot URL2
Appreciate it very much if you can help/guide me. Many thanks in advance.
You'll need to setup a linked server and use either an SSIS package to pull the data into the form you need, or OPENROWSET/OPENQUERY queries with an insert on the server you do have write privileges.
Either pre-create a table to put the new data in, or if not needed build up a temporary table or the insert the data into a table variable.
To concat a field to a new field use something like the examples below:
SELECT (field1 + field 2) as Newfield
or
SELECT (SUBSTRING(field1, 2,2) + SUBSTRING(field2, 3,1)) as Newfield
Finally you should setup all this an agent Job scheduled to your needs.
Apologies if this is not as detailed as you like, but it seems there are many questions to be answered and not enough detail to help further.
Alternatively you could also do a lookup upon lookup (USING SSIS):
data flow task > download first table completely to destination server
JOIN TO
dataflow task > reading from destination server, do a lookup to 2 origin server (if match you might update, if not, insert)
repeat until all 5 of them are done.
This is NOT the most elegant or efficient solution, but it will definitely get the work done.
I need to encrypt several columns in a database.
Do I create one certificate and a symmetric key for each column or one certificate and one symmetric key per column.
What is the best practice?
Where is the data coming from? If you have an application, especially a web based application you should encrypt the data prior to transmitting it.
Have you thought about using SQL Server's Transparent Data Encryption (TDE)?
In my experience with MS SQL 2008 cell level encryption, you need to set up a master key for your database, create a certificate for your database, and based on that certificate a symmetric key that you will use to encrypt cell level data.
Columns for which you want to encrypt the data on have to be of one of type VARBINARY (or two others: I believe VARCHAR, and NVARCHAR, but I'm not certain). There is also a specific method of inserting/updating data in these columns, as well as reading data from these columns.
We're currently storing a few selected columns of sensitive information encrypted in this manner in VARBINARY(256) columns, along with TDE on top of our database.
More information and helpful tutorials can be found here:
http://www.sqlservergeeks.com/articles/sql-server-bi/19/cell-level-encryption-in-sql-server
http://blogs.technet.com/b/keithcombs/archive/2005/11/24/415079.aspx