The forum will experience an outage sometime between February 10 at 7:00pm EST and February 12 at 11:59 EST for installation of security updates. The actual time and duration of the outage are unknown but attempts will be made to minimize the downtime. We apologize for any inconvenience.

hello folks, I was wondering what companies typically do as far as encryption key protection practices. Basically, I would not like a dba or onsite consultant to provide a key every time a database is provided, and neither having that put in, "in the clear" is not an option, as far as a batch startup file.

any recommendations?

thanks much, Cosmin

asked 30 May '16, 20:29

cosmini's gravatar image

cosmini
76138
accept rate: 0%

edited 30 May '16, 20:54


There may be some 'best practices' out there that others can report one. <pls contribute="" and="" share,="" tnks.="">

From the SQL Anywhere features you have a few features available to you . . . Encryption keys can be provided in @configuration files, and configuration files can be encrypted, and further the content of those files can be made conditional and specific to just, say, dbsrv and or dbeng and not able to be used to grant backdoor access to utilities (ie. forcing utilitiy users to know the key, for example). All being significant barriers individually and in combinations.

After that you can use system level security to prevent access to the directory and or the specific config file to uses other than for startup and admin purposes.

permanent link

answered 31 May '16, 09:07

Nick%20Elson%20SAP%20SQL%20Anywhere's gravatar image

Nick Elson S...
6.2k2890
accept rate: 30%

thank you, Nick, for the fast & informative reply!! :-) Will look further into your suggestions.

thanks again, Cosmin

(31 May '16, 09:31) cosmini
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×32

question asked: 30 May '16, 20:29

question was seen: 188 times

last updated: 31 May '16, 09:31