维护计划中的密码保护 sql 个数据库备份
Password protect sql database backups in maintenance plan
我有一个 Microsoft sql 服务器数据库 (2012),目前正在使用维护计划对其进行备份。我的计划中有完整备份、差异备份和事务日志备份。出于安全原因,我想在这些文件上添加密码保护。在我的维护计划中有什么方法可以实现这一目标吗?提前致谢。
我找到了这个 link,它对我有用(至少现在是这样)。
https://msdn.microsoft.com/en-us/library/bb934049.aspx
以下来自微软网站
Transparent Data Encryption (TDE)
Transparent Data Encryption (TDE) encrypts SQL Server and Azure SQL
Database data files, known as encrypting data at rest. You can take
several precautions to help secure the database such as designing a
secure system, encrypting confidential assets, and building a firewall
around the database servers. However, in a scenario where the physical
media (such as drives or backup tapes) are stolen, a malicious party
can just restore or attach the database and browse the data. One
solution is to encrypt the sensitive data in the database and protect
the keys that are used to encrypt the data with a certificate. This
prevents anyone without the keys from using the data, but this kind of
protection must be planned in advance.
TDE performs real-time I/O encryption and decryption of the data and
log files. The encryption uses a database encryption key (DEK), which
is stored in the database boot record for availability during
recovery. The DEK is a symmetric key secured by using a certificate
stored in the master database of the server or an asymmetric key
protected by an EKM module. TDE protects data "at rest", meaning the
data and log files. It provides the ability to comply with many laws,
regulations, and guidelines established in various industries. This
enables software developers to encrypt data by using AES and 3DES
encryption algorithms without changing existing applications.
我有一个 Microsoft sql 服务器数据库 (2012),目前正在使用维护计划对其进行备份。我的计划中有完整备份、差异备份和事务日志备份。出于安全原因,我想在这些文件上添加密码保护。在我的维护计划中有什么方法可以实现这一目标吗?提前致谢。
我找到了这个 link,它对我有用(至少现在是这样)。 https://msdn.microsoft.com/en-us/library/bb934049.aspx
以下来自微软网站
Transparent Data Encryption (TDE)
Transparent Data Encryption (TDE) encrypts SQL Server and Azure SQL Database data files, known as encrypting data at rest. You can take several precautions to help secure the database such as designing a secure system, encrypting confidential assets, and building a firewall around the database servers. However, in a scenario where the physical media (such as drives or backup tapes) are stolen, a malicious party can just restore or attach the database and browse the data. One solution is to encrypt the sensitive data in the database and protect the keys that are used to encrypt the data with a certificate. This prevents anyone without the keys from using the data, but this kind of protection must be planned in advance.
TDE performs real-time I/O encryption and decryption of the data and log files. The encryption uses a database encryption key (DEK), which is stored in the database boot record for availability during recovery. The DEK is a symmetric key secured by using a certificate stored in the master database of the server or an asymmetric key protected by an EKM module. TDE protects data "at rest", meaning the data and log files. It provides the ability to comply with many laws, regulations, and guidelines established in various industries. This enables software developers to encrypt data by using AES and 3DES encryption algorithms without changing existing applications.