17.07.2015 Views

Download eBook (PDF) - Red Gate Software


4 – Encryption Basics for SQL Server

• Transformation of cipher text to plain text (decryption).
• Obtaining of a key's id by passing its name.
• Verification of an asymmetric key or certificate's signature.
• Return of a certificate property.

For reference information regarding the syntax and usage of each of these functions, please refer to Appendix A. The ability to execute these built-in functions will depend upon the user's ownership or permissions to the object that it is referencing. For example, if the user does not have ownership or permissions granted to a certificate, they will not be able to encrypt data, decrypt data or return the certificate's properties through these built-in functions.

Encryption Catalog Views

Catalog views are a valuable tool in SQL Server, through which the metadata information of a database or an instance can be queried.

While all users in the PUBLIC server role have permissions to query catalog views, the results of the queries can differ based upon the user's ownership and permissions to the objects to which the metadata refers. If ownership or permissions are not granted to the user performing the query, the metadata for that object will not be returned.

Various categories of Catalog view are available, allowing you to query metadata for CLR assemblies, extended properties, schemas, linked servers and security, to name just a few. In the interest of securing sensitive data, we will use, in the coming chapters, some of the catalog views that fall in the security category and that are specific to encryption, which include:

• Sys.Asymmetric_Keys
• Sys.Certificates
• Sys.Credentials
• Sys.Crypt_Properties
• Sys.Cryptographic_Providers
• Sys.Key_Encryptions
• Sys.OpenKeys
• Sys.Symmetric_Keys

For reference information regarding the syntax and usage of each of these views, please refer to Appendix A. These catalog views can be queried, after creating their associated objects, as a means of verifying that the execution was
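The following T-SQL is an added example, not taken from the book: it uses the encryption catalog views listed above to check which keys exist and how they are protected, and to tell a missing object apart from one the caller has no permission to see. The name SalesCert is a hypothetical placeholder.

```sql
-- Added example. Run in the user database that holds the keys.
-- SalesCert is a hypothetical certificate name; substitute your own.

-- 1. Inventory every symmetric key visible to the caller and show what
--    protects it. sys.key_encryptions holds one row per protection
--    mechanism, so a key protected two ways appears twice.
SELECT sk.name                   AS symmetric_key,
       sk.algorithm_desc,
       sk.key_length,
       ke.crypt_type_desc        AS protected_by,
       COALESCE(c.name, ak.name) AS protecting_object,  -- NULL for passwords
       c.expiry_date             AS certificate_expiry
FROM sys.symmetric_keys        AS sk
JOIN sys.key_encryptions       AS ke ON ke.key_id    = sk.symmetric_key_id
LEFT JOIN sys.certificates     AS c  ON c.thumbprint  = ke.thumbprint
LEFT JOIN sys.asymmetric_keys  AS ak ON ak.thumbprint = ke.thumbprint
ORDER BY sk.name;

-- 2. An empty result from a catalog view does not prove the object is
--    absent: rows are filtered by the caller's ownership and permissions.
--    HAS_PERMS_BY_NAME returns 1, 0, or NULL (NULL when the securable
--    does not exist or is not visible to the caller).
SELECT CASE
         WHEN EXISTS (SELECT 1 FROM sys.certificates
                      WHERE name = N'SalesCert')
           THEN 'visible to caller'
         ELSE 'not visible: missing, or no permission on it'
       END AS salescert_status,
       HAS_PERMS_BY_NAME(N'SalesCert', 'CERTIFICATE', 'CONTROL')
         AS caller_has_control;

-- 3. Symmetric keys currently open in this session. A key left open
--    after use stays usable for decryption until the session closes it.
SELECT key_name, opened_date, status
FROM sys.openkeys;
```

Running the same script as the object owner and again as a low-privileged user shows the filtering described above: the second run returns fewer rows rather than an error.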
