Database Encryption

 Previous  Index  Next  How To Use

The Database Encryption Wizard can be found after connecting to a database on a server that supports encryption (InterBase 2009 and up) and selecting it from the Management & Maintenance node in the Database Navigator.

 

In this topic:

1.Encryption Wizard

2.Decrypt Database

 

If the database is encryption, the node will say Decrypt Database, if it's not yet encrypted, it says Database Encryption Wizard.

 

Encryption Wizard

The Encryption Wizard is a tool that will take you through the database encryption process on a per step basis. It will check to see if things are already done (like enabling Embedded User Authentication) or are possible at all.

 

(click image to expand)

Encryption Wizard - welcome page

Database Encryption Wizard - welcome page

 

The welcome page lists the steps to be done:

enabled Embedded User Authentication

create the SYSDSO user with a password

set the System Encryption Password

create a database encryption key and grant the database owner privileges to the key

encrypt the database

 

Enable Embedded User Authentication

This step is automatically skipped if EUA is already turned ON and can only be done by the database owner, if you're not connected as the database owner, the wizard will should a message similar to the one below, the wizard cannot continue.

 

EUA cannot be enabled, the wizard cannot continue.

 

Create the SYSDSO User

Encryption keys can be created by the SYSDSO user only, so the wizard asks for a password to create that user.

 

Set the System Encryption Password

The SEP is used to protect the encryption keys, the wizard asks for a password.

 

Create a database encryption key and grant privileges to the key

To encrypt the full database, you need at least 1 encryption key and select that key to encrypt the database. If you already have encryption keys, leave the Encryption Key details empty and select one from the drop down box.

 

(click image to expand)

Encryption Wizard - encryption keys

Encryption Key

 

Encrypt the database

At the last step, the wizard will execute all tasks and encrypt the database. Any steps skipped will be displayed as "disabled", see the screenshot below.

 

Encryption Wizard - ready to encrypt

Ready to start executing the tasks to encrypt the database

 

Using the Finish key will execute the required tasks and encrypt your database.

 

Decrypt Database

If a database is encrypted, executing Decrypt Database will decrypt your database. It will not disable Embedded User Authentication, drop encryption keys etc.

 

Simply double click the node in the Database Navigator, confirm the action and the database will be decrypted.