Strong database encryption technology makes a database inoperable and inaccessible without a key (password). An algorithm encodes the information contained in your database and transaction log files so they cannot be deciphered.
For strongly encrypted databases, be sure to store a copy of the key in a safe location. If you lose the encryption key there is no way to access the data, even with the assistance of technical support. The database must be discarded and you must create a new database.
The algorithm used to implement SQL Anywhere strong encryption is AES: a block encryption algorithm chosen as the new Advanced Encryption Standard (AES) for block ciphers by the National Institute of Standards and Technology (NIST). It has many properties that lend itself well to encryption of SQL Anywhere databases in terms of performance and size.
You can also specify a separate FIPS-approved AES algorithm for strong encryption using the AES_FIPS (128-bit) or AES256_FIPS (256-bit) type. When the database server is started with the -fips option, you can run databases encrypted with AES, AES256, AES_FIPS, or AES256_FIPS strong encryption, but not databases encrypted with simple encryption. Unencrypted databases can also be started on the server when -fips is specified. See -fips server option.
The SQL Anywhere security option must be installed on any computer used to run a database encrypted with AES_FIPS or AES256_FIPS.
ECC encryption and FIPS-certified encryption require a separate license. All strong encryption technologies are subject to export regulations.
FIPS is not available on all platforms. For a list of supported platforms, see SQL Anywhere Supported Platforms and Engineering Support Status.
|Send feedback about this page via email or DocCommentXchange||Copyright © 2008, iAnywhere Solutions, Inc. - SQL Anywhere 11.0.0|